[Bug 13618] Prevent XSS in the Staff Client and the OPAC
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618 Ere Maijala <ere.maijala@helsinki.fi> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ere.maijala@helsinki.fi --- Comment #244 from Ere Maijala <ere.maijala@helsinki.fi> --- Looks like escaping was added also to places where it doesn't belong. The examples I stumbled on were just setting a variable: https://github.com/Koha-Community/Koha/blob/master/koha-tmpl/intranet-tmpl/p... and https://github.com/Koha-Community/Koha/blob/master/koha-tmpl/intranet-tmpl/p... -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org