Bug 19614: Fix XSS in members/pay.pl
author Amit Gupta <amit.gupta@informaticsglobal.com>
Mon, 13 Nov 2017 03:57:44 +0000 (09:27 +0530)
committer Fridolin Somers <fridolin.somers@biblibre.com>
Sat, 23 Dec 2017 09:58:13 +0000 (10:58 +0100)
commit e29e6e656f483018164a6a426f5b6ba2fc3b5995
tree b708adfa47110fd39d8f204234f547dd09eb0655
parent 069c3a1772f62df04a0e75c48def81dac44e3bf0
Bug 19614: Fix XSS in members/pay.pl

To Test
1. Hit the page /cgi-bin/koha/members/memberentry.pl
2. Add a text in the field firstname, surname that contains js
3. Save the page.
4. Click on fine tab
5. Notice js is executed
6. Apply patch and reload, the js is escaped

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e576b89c461c87efc122816fca9f6c3ba08a1833)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
koha-tmpl/intranet-tmpl/prog/en/modules/members/pay.tt