]> git.koha-community.org Git - koha.git/commit
Bug 22478: Prevent XSS vulnerabilities when pagination appears
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 14 Mar 2019 22:42:50 +0000 (19:42 -0300)
committerMartin Renvoize <martin.renvoize@ptfs-europe.com>
Mon, 29 Apr 2019 09:43:11 +0000 (10:43 +0100)
commitd4d1107afa873614ace241557e424de0dcbad20a
tree09e673bea5a1c4a392a37958da2cc71a66736a24
parentebc15764ff3371a9327cfe60c22c1186e5a200ae
Bug 22478: Prevent XSS vulnerabilities when pagination appears

This is a bad one as we thought we were XSS safe since bug 13618.

The html code generated in C4::Output::pagination_bar must escape the
variables and values correctly.

This patch needs to be widely tested, everywhere the pagination appears,
to make sure we will not introduce regressions.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
C4/Output.pm