From aa628f89fd356d6d4d975e68419844cb94d1cb73 Mon Sep 17 00:00:00 2001
From: Amit Gupta
Date: Wed, 16 Aug 2017 17:56:17 +0530
Subject: [PATCH] Bug 19127 - Stored XSS in csv-profiles.pl
To Test
1. Hit the page /cgi-bin/koha/tools/csv-profiles.pl?op=add_form
2. Add a text in the field Profile name, Profile description and Profile MARC fields that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer
Signed-off-by: Marcel de Rooy
Signed-off-by: Jonathan Druart
(cherry picked from commit 7a3ee2dd8cb233d083d8a7b8636eca7c6d518b8b)
Signed-off-by: Fridolin Somers
(cherry picked from commit 9b4777878f59c7a0c3653f54b6a2cff85bb278a8)
Signed-off-by: Katrin Fischer
---
 .../intranet-tmpl/prog/en/modules/tools/csv-profiles.tt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/tools/csv-profiles.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/tools/csv-profiles.tt
index 4a645e5751..5ac8750b7a 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/tools/csv-profiles.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/tools/csv-profiles.tt
@@ -238,9 +238,9 @@ function reloadPage(p) {
 [% FOREACH csv_profile IN csv_profiles %]
 [% csv_profile.export_format_id %]
-[% csv_profile.profile %]
-[% csv_profile.description %]
-[% csv_profile.content %]
+[% csv_profile.profile |html %]
+[% csv_profile.description |html %]
+[% csv_profile.content |html %]
 [% csv_profile.csv_separator %]
 [% IF csv_profile.type == 'sql' %]
 SQL
-- 
2.39.5
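Review bot: `[% csv_profile.csv_separator %]`, two lines below the newly filtered fields, is still emitted without the `|html` filter even though it comes from the same stored profile record as `profile`, `description` and `content`; unless the separator is constrained to a fixed set of values server-side (not visible in this patch), it should be output as `[% csv_profile.csv_separator |html %]` for the same reason. `export_format_id` is presumably a numeric key and can stay unfiltered, but that is an inference from its name rather than anything the hunk shows. The `FOREACH csv_profile` loop this hunk sits in continues past the hunk, so any further output of these profile fields later in the list, or in the add/edit form the test plan mentions, is outside what is reviewed here and should be checked for the same missing filter.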