From 53309fab4b3c2b15a1c15797be392a9ace982b47 Mon Sep 17 00:00:00 2001 From: Chris Cormack Date: Mon, 8 Oct 2012 21:30:49 +1300 Subject: [PATCH] Bug 3652 : [SIGNED-OFF] [SECURITY] XSS vulnerability Signed-off-by: Magnus Enger Works as advertised. After applying the patch, fish is displayed on the page, but no blinking occurs. Signed-off-by: Magnus Enger Signed-off-by: Paul Poulain --- koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tt index 9e782fbd43..471dddb563 100644 --- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tt +++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tt @@ -223,7 +223,7 @@ $(function() { [% END %] [% IF ( paramsloo.nopermission ) %] -
ERROR: You do not have adequate permission for that action on list [% paramsloo.nopermission %].
+
ERROR: You do not have adequate permission for that action on list [% paramsloo.nopermission |html%].
[% END %] [% IF ( paramsloo.failgetitem ) %]
ERROR: No item found with barcode [% paramsloo.failgetitem %].
-- 2.39.5