http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618 --- Comment #55 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- (In reply to Joonas Kylmälä from comment #52)
(In reply to Joonas Kylmälä from comment #51)
Created attachment 42054 [details] [review] [review] Bug 13618: Use Template::Stash::AutoEscaping to use the html filter
Test plan done and worked. I deleted the commits from 13609, and then applied this and it also solved the xss vulnerability.
Signed-off-by: Joonas Kylmälä <j.kylmala@gmail.com>
Thought it worked, but now noticed it broked the html in /cgi-bin/koha/opac-tags.pl?mine=1 (my tags in opac). Under the title column it only shows html as plain text.
"Bug 13618: Specific for other prefs" reuploaded, OPACMySummaryNote was not correctly managed. New patch "Specific for XSLTBloc" should fix your issue -- You are receiving this mail because: You are watching all bug changes.