projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ce8ddbf) | patch
Bug 18726: Fix XSS at the OPAC - biblionumber
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Wed, 9 Aug 2017 17:08:24 +0000 (14:08 -0300)
committerFridolin Somers <fridolin.somers@biblibre.com>
Wed, 23 Aug 2017 14:53:14 +0000 (16:53 +0200)
commit5380e93aca3376e1526e79d02169c8a4d877d645
tree6a158a51359f98ac25ee59b86646e9fb7bc60c56tree | snapshot
parentce8ddbf8ea7d463a822a70f474310b8b618d6347commit | diff
Bug 18726: Fix XSS at the OPAC - biblionumber

The biblionumber parameter is sent by the user, we must escape all of
them to avoid XSS.

Fixes: Cross-site scripting OPAC pages

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0676334968c27337cc1f3a3407ac6eeaef75f201)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-bottom.inc diff | blob | history
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-detail-sidebar.inc diff | blob | history
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-ISBDdetail.tt diff | blob | history
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-MARCdetail.tt diff | blob | history
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-alert-subscribe.tt diff | blob | history
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-detail.tt diff | blob | history
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-full-serial-issues.tt diff | blob | history
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-serial-issues.tt diff | blob | history
Main Koha release repository