[Koha-bugs] [Bug 5131] XSS vulnerability in the OPAC search results interface
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Aug 13 02:04:39 CEST 2010
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5131
Robin Sheat <robin at catalyst.net.nz> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|critical |major
--- Comment #1 from Robin Sheat <robin at catalyst.net.nz> 2010-08-13 00:04:39 UTC ---
Oh, it's not all that bad after all - you can't inject arbitrary code, but you
can still overwrite any TMPL_VAR.
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
More information about the Koha-bugs
mailing list