4 Aug
2017
4 Aug
'17
7:17 a.m.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19034 --- Comment #1 from Amit Gupta <amitddng135@gmail.com> --- Created attachment 65485 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=65485&action=edit Bug 19034 - XSS Flaws in Patron categories pages 1. Hit /cgi-bin/koha/admin/categories.pl 2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> search patron categories box. 3. Notice the iframe is executed. 4. Apply patch. 5. Reload page, and enter iframe again on search patron categories box. 6. Notice it is no longer executed. -- You are receiving this mail because: You are watching all bug changes.