Bug 17038: Fix XSS in catalogue/search.pl
author Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Wed, 3 Aug 2016 12:57:43 +0000 (13:57 +0100)
committer Chris Cormack <chris@bigballofwax.co.nz>
Mon, 22 Aug 2016 19:39:34 +0000 (07:39 +1200)
commit e552cd64bbb82a5e5dddc57568b6d2018ee59c95
tree 7711f37195c045c7beb51d349187302cddcb8513
parent 852bc4525370f0dae43275bf3da65dea19fbde83
Bug 17038: Fix XSS in catalogue/search.pl

Test plan:
Search for something like:
  \";alert(1)//135

=> Without this patch you will see the alert
=> With this patch, no more alert

Note that this fixes the parameters idx, q and op

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/results.tt