]> git.koha-community.org Git - koha.git/commit
Bug 36532: Protect opac-dismiss-message.pl from malicious usages
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 5 Apr 2024 06:58:06 +0000 (08:58 +0200)
committerLucas Gass <lucas@bywatersolutions.com>
Wed, 1 May 2024 15:14:08 +0000 (15:14 +0000)
commit919d5b88aba5e451551cbaa0ab1f9411d24beb54
tree2894e10f8cd4375eb3e29f205dfb3556913b6df6
parent72cead50b49efaad6349cf653b970e6f5b610475
Bug 36532: Protect opac-dismiss-message.pl from malicious usages

Really bad design, NEVER retrieve the logged in user from the CGI
param!

See comment 1 for more info

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
(cherry picked from commit a40e1fd62c7320ad5f7b8514ba2bd129aad2d10f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 1df8ee19943b6d112eba85bbab308ba8b550ed67)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-note.inc
opac/opac-dismiss-message.pl