[Bug 14408] Path traversal vulnerabilty
23 Jun
2015
23 Jun
'15
1:40 p.m.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14408 --- Comment #25 from Fridolin SOMERS <fridolin.somers@biblibre.com> --- There is a problem with some pages calling get_template_and_user with empty string in template_name : acqui/updatesupplier.pl opac/opac-ratings.pl tools/quotes/quotes_ajax.pl tools/quotes/quotes-upload_ajax.pl Should we accept empty string or correct those pages to use has_permission() ? -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
4041
Age (days ago)
4041
Last active (days ago)
0 comments
1 participants
participants (1)
-
bugzilla-daemon@bugs.koha-community.org