From 566980bc2744a8067be338f432c3a391db2aae42 Mon Sep 17 00:00:00 2001
From: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Date: Tue, 12 Sep 2017 10:35:10 -0300
Subject: [PATCH] Bug 19128: XSS - admin/authorised_values.tt

---
 .../prog/en/modules/admin/authorised_values.tt         | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authorised_values.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authorised_values.tt
index ec170a3645..7476c1bc10 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authorised_values.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/authorised_values.tt
@@ -85,16 +85,16 @@ $(document).ready(function() {
             <input type="text" name="category"  id="category" size="32" maxlength="32" class="focus required" />
             <span class="required">Required</span>
 			 [% ELSE %]<span class="label">Category</span>
-		<input type="hidden" name="category" value="[% category %]" />	 [% category %]
+		<input type="hidden" name="category" value="[% category |html %]" />	 [% category |html %]
 			 [% END %]
         </li>
         <li>
             <label for="authorised_value">Authorized value: </label>
      [% IF ( action_modify ) %]<input type="hidden" id="id" name="id" value="[% id %]" />[% END %]
             [% IF ( action_add_category ) %]
-            <input type="text" id="authorised_value" name="authorised_value" value="[% authorised_value %]" maxlength="80" />
+            <input type="text" id="authorised_value" name="authorised_value" value="[% authorised_value |html %]" maxlength="80" />
             [% ELSE %]
-            <input type="text" id="authorised_value" name="authorised_value" value="[% authorised_value %]" maxlength="80" class="focus" />
+            <input type="text" id="authorised_value" name="authorised_value" value="[% authorised_value |html %]" maxlength="80" class="focus" />
             [% END %]
         </li>
         <li>
@@ -156,7 +156,7 @@ $(document).ready(function() {
   </div>
         </fieldset>
        <fieldset class="action"> <input type="hidden" name="id" value="[% id %]" />
-        <input type="submit" value="Save" /> <a class="cancel" href="/cgi-bin/koha/admin/authorised_values.pl?searchfield=[% category %]">Cancel</a></fieldset>
+        <input type="submit" value="Save" /> <a class="cancel" href="/cgi-bin/koha/admin/authorised_values.pl?searchfield=[% category | url %]">Cancel</a></fieldset>
     </form>
 [% END %]
 
@@ -263,7 +263,7 @@ $(document).ready(function() {
 [% ELSE %]
 <tr>
 [% END %]
-	<td>[% loo.authorised_value %]</td>
+	<td>[% loo.authorised_value | html %]</td>
     <td>[% loo.lib |html %]</td>
     <td>[% loo.lib_opac |html %]</td>
 	<td>[% IF ( loo.imageurl ) %]<img src="[% loo.imageurl %]" alt=""/>[% ELSE %]&nbsp;[% END %]</td>
-- 
2.39.5