From bugzilla-daemon@kohaorg.ec2.liblime.com Tue Nov 3 23:48:30 2009 From: bugzilla-daemon@kohaorg.ec2.liblime.com To: koha-bugs@lists.koha-community.org Subject: [Koha-bugs] [Bug 3759] XSS Exploit in Search Results. Date: Tue, 03 Nov 2009 22:45:00 +0000 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0441669905959945733==" --===============0441669905959945733== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3D3759 Mikhail Davidov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sirusdv@pwnzord.com --=20 Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab= =3Demail ------- You are receiving this mail because: ------- You are watching all bug changes. --===============0441669905959945733==-- From bugzilla-daemon@kohaorg.ec2.liblime.com Tue Nov 3 23:48:35 2009 From: bugzilla-daemon@kohaorg.ec2.liblime.com To: koha-bugs@lists.koha-community.org Subject: [Koha-bugs] [Bug 3759] New: XSS Exploit in Search Results. Date: Tue, 03 Nov 2009 22:44:14 +0000 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0125512667569512128==" --===============0125512667569512128== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3D3759 Summary: XSS Exploit in Search Results. Product: Koha Version: unspecified Platform: All OS/Version: All Status: NEW Severity: major Priority: P5 Component: Searching AssignedTo: jmf@liblime.com ReportedBy: sirusdv@pwnzord.com Estimated Hours: 0.0 Change sponsored?: --- Example: /cgi-bin/koha/opac-search.pl?q=3D