]> git.koha-community.org Git - koha.git/commit
Bug 19614: Fix XSS in members/pay.pl
authorAmit Gupta <amit.gupta@informaticsglobal.com>
Mon, 13 Nov 2017 03:57:44 +0000 (09:27 +0530)
committerJonathan Druart <jonathan.druart@bugs.koha-community.org>
Tue, 9 Jan 2018 19:01:40 +0000 (16:01 -0300)
commitfeeab2b3a0f78a600560395326b4538104e25ff1
tree33bd6ee1a687b400bb70115fc7627dc6b193889e
parent99797acd83116f0f182a55cc847adddd42b4f558
Bug 19614: Fix XSS in members/pay.pl

To Test
1. Hit the page /cgi-bin/koha/members/memberentry.pl
2. Add a text in the field firstname, surname that contains js
3. Save the page.
4. click on fine tab
5. Notice js is execute
6. Apply patch and reload, the js is escaped

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
koha-tmpl/intranet-tmpl/prog/en/modules/members/pay.tt