]> git.koha-community.org Git - koha.git/commit
Bug 17026: Fix XSS in serials/checkexpiration.pl
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Tue, 2 Aug 2016 13:51:49 +0000 (14:51 +0100)
committerBrendan Gallagher <brendan@bywatersolutions.com>
Thu, 4 Aug 2016 18:13:31 +0000 (18:13 +0000)
commit9d00353a92487dcde654d88206fd5458448fff1b
tree375506373413a7567c081e44ed658cee70c6b8f5
parent66f81fc2101f194d39592bc28f3e2ff69764bc00
Bug 17026: Fix XSS in serials/checkexpiration.pl

Test plan:
Hit:
 /serials/checkexpiration.pl?title="><script>alert("XSS")</script>&date=12/02/2002
 /serials/checkexpiration.pl?issn="><script>alert("XSS")</script>&date=12/02/2002

=> Without this patch you will see the alert
=> With this patch, no more alert

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
koha-tmpl/intranet-tmpl/prog/en/modules/serials/checkexpiration.tt