[Koha-bugs] [Bug 2026] Comments allow unsanitized input
bugzilla-daemon at pippin.metavore.com
bugzilla-daemon at pippin.metavore.com
Thu May 1 00:10:36 CEST 2008
http://bugs.koha.org/cgi-bin/bugzilla/show_bug.cgi?id=2026
------- Comment #1 from galen.charlton at liblime.com 2008-04-30 15:10 -------
Patch submitted that partially addresses this by using HTML encoding/escaping
when displaying comments in staff and OPAC. Complete fix would implement some
kind of scrubbing so that unsafe tags are not even stored in the database.
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Koha-bugs
mailing list