https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Text to go in the|This important improvement |RMaint Note: The inclusion release notes|to Koha's security policy |of bug 22007 in 18.11.02 |greatly decreases the |means this enhancement bug |likelihood of XSS |gets added to the release |vulnerabilities being |notes.. It should be |introduced into the Koha |removed before release! |codebase moving forward. We | |have introduced the | |requirement for all | |variables inside templates | |to be passed through a | |filter and added a test to | |check this requirement is | |being upheld. | -- You are receiving this mail because: You are watching all bug changes.