]> git.koha-community.org Git - koha.git/commit
Bug 36532: Protect opac-dismiss-message.pl from malicious usages
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 5 Apr 2024 06:58:06 +0000 (08:58 +0200)
committerFrédéric Demians <f.demians@tamil.fr>
Wed, 24 Apr 2024 09:51:45 +0000 (09:51 +0000)
commit2278d229e899cd279f62addd8275365718ad8cbb
tree29ce2d4b3ac67d1f1dc6f7ad5d43c38b8453c71d
parent2eab2949fc50c752c3bf950c887e54845353e900
Bug 36532: Protect opac-dismiss-message.pl from malicious usages

Really bad design, NEVER retrieve the logged in user from the CGI
param!

See comment 1 for more info

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Wainui Witika-Park <wainuiwitikapark@catalyst.net.nz>
(cherry picked from commit c92d38a6c603278e0d253c6e29731380c017ebb7)
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-note.inc
opac/opac-routing-lists.pl