[Koha-bugs] [Bug 3652] XSS vulnerabilities
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Oct 15 10:15:30 CEST 2012
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=3652
Magnus Enger <magnus at enger.priv.no> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #12808|0 |1
is obsolete| |
--- Comment #30 from Magnus Enger <magnus at enger.priv.no> ---
Created attachment 12809
-->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=12809&action=edit
Bug 3652: [SIGNED-OFF] XSS fixes - follow up
Fixes a typo in the html filter that causes a problem when using the
paging in the OPAC result lists.
(forgot to commit my change when testing the original XSS patches)
Signed-off-by: Magnus Enger <magnus at enger.priv.no>
I triggered the error with this query string:
/cgi-bin/koha/opac-search.pl?idx=kw&q=o'reilly&offset=40&sort_by=author_az
After applying the patch the error is gone.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list