]> git.koha-community.org Git - koha.git/commit
Bug 16878: Fix XSS in opac-memberentry
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 22 Jul 2016 07:30:54 +0000 (08:30 +0100)
committerFrédéric Demians <f.demians@tamil.fr>
Fri, 5 Aug 2016 06:26:51 +0000 (08:26 +0200)
commitb505c6b7d636f262eadef82984b83b5194438724
treec78cd8d226a549085b4b87b43a31fd56a5d0ef6f
parent3810c29f61ebcd815066f1be2abc08cbb2bdc0aa
Bug 16878: Fix XSS in opac-memberentry

The vars are gotten from the url and sent to the template as it. They
must be escaped.

Test plan:
I have not managed to create the original issue, so there is no test
plan for the XSS fix, but you can confirm there is no regression.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
(cherry picked from commit 9bdea2e3691fd62e777cc974f89b867a69eec9a8)
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
opac/opac-memberentry.pl