git.koha-community.org Git - koha.git/commit
Bug 22478: Prevent XSS vulnerabilities when pagination appears
author Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 14 Mar 2019 22:42:50 +0000 (19:42 -0300)
committer Fridolin Somers <fridolin.somers@biblibre.com>
Tue, 30 Apr 2019 07:21:33 +0000 (09:21 +0200)
commit e3f3f18b83b7ea470e0ad73e24cd58bccab5adac
tree 47962c6ce2bf2338b1a98ebda02b2621273ba13d
parent 8b2778781c9ebd9687515fac4b9f86ff0eb272e2
Bug 22478: Prevent XSS vulnerabilities when pagination appears

This is a bad one as we thought we were XSS safe since bug 13618.

The html code generated in C4::Output::pagination_bar must escape the
variables and values correctly.

This patch needs to be widely tested, everywhere the pagination appears,
to make sure we will not introduce regressions.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit d4d1107afa873614ace241557e424de0dcbad20a)

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit f7b12a1cf3da62d8ed884692b4161dca1d456bfe)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
C4/Output.pm
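
One way to meet the requirement stated in the commit message, shown as an added example that is not Koha's C4::Output code: each query-string name and value is percent-encoded, and the assembled URL is then HTML-escaped before it goes into the `href` attribute. The function name `build_pagination_bar`, its parameters, the helpers and the sample URL are all hypothetical.

```perl
#!/usr/bin/perl
# Added example, not Koha's C4::Output code. build_pagination_bar and its
# parameters are hypothetical names chosen for this illustration.
use strict;
use warnings;
use Encode qw(encode_utf8);

# Percent-encode a query-string component (RFC 3986 unreserved set kept).
sub uri_component {
    my ($s) = @_;
    my $bytes = encode_utf8( $s // '' );
    $bytes =~ s/([^A-Za-z0-9\-._~])/sprintf('%%%02X', ord($1))/ge;
    return $bytes;
}

# Escape text for an HTML attribute value or element body.
sub html_escape {
    my ($s) = @_;
    my %map = ( '&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
                '"' => '&quot;', "'" => '&#39;' );
    ( my $out = $s // '' ) =~ s/([&<>"'])/$map{$1}/g;
    return $out;
}

# Build page links; every name and value is URL-encoded, then the whole
# URL is HTML-escaped before it is placed in the href attribute.
sub build_pagination_bar {
    my ( $base_url, $params, $pages, $current, $page_param ) = @_;
    my @links;
    for my $page ( 1 .. $pages ) {
        if ( $page == $current ) {
            push @links, '<span class="current">' . $page . '</span>';
            next;
        }
        my @pairs = map { uri_component($_) . '=' . uri_component( $params->{$_} ) }
                    sort keys %$params;
        push @pairs, uri_component($page_param) . '=' . $page;
        my $url = $base_url . '?' . join( '&', @pairs );
        push @links, '<a href="' . html_escape($url) . '">' . $page . '</a>';
    }
    return join( ' ', @links );
}

# Constructed input: a search term carrying markup and a quote character.
my %params = ( q => q{"><script>alert(1)</script>}, 'sort by' => 'title' );
print build_pagination_bar( '/cgi-bin/search.pl', \%params, 3, 2, 'page' ), "\n";
```

In the printed links the constructed search term appears only in percent-encoded form, and the `&` separators between parameters are emitted as `&amp;`, so no user-supplied character can close the attribute or open a tag.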