[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Aug 21 01:04:43 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
--- Comment #45 from Liz Rea <liz at catalyst.net.nz> ---
On memberentrygen.tt, all of the cases for *popup are broken, they show the
html we're sending in that variable instead of the dropdown. Most of them are
conditional, the main reason I noticed was because of the Patron title: field.
Suspect there will be heaps of stuff like this.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list