Bug 16878: Fix XSS in opac-memberentry
author Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 22 Jul 2016 07:30:54 +0000 (08:30 +0100)
committer Julian Maurice <julian.maurice@biblibre.com>
Wed, 17 Aug 2016 12:53:42 +0000 (14:53 +0200)
commit a503a522c2bfa34f8f64af8dbf2ecba8010b5201
tree 3eff265db241a2b6f727dfc81bf820e4972a40c6
parent a6d6b953e41641e9bfcfa74598a58bf9d5039743
Bug 16878: Fix XSS in opac-memberentry

The vars are gotten from the URL and sent to the template as is. They
must be escaped.

Test plan:
I have not managed to create the original issue, so there is no test
plan for the XSS fix, but you can confirm there is no regression.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
(cherry picked from commit 9bdea2e3691fd62e777cc974f89b867a69eec9a8)
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
(cherry picked from commit b505c6b7d636f262eadef82984b83b5194438724)
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
opac/opac-memberentry.pl