[Koha-bugs] [Bug 11322] Suggestion "notes" field should be sanitized or escaped

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Tue Dec 3 16:19:03 CET 2013


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11322

--- Comment #13 from Jacek Ablewicz <abl at biblos.pk.edu.pl> ---
Works as described for me too, thanks!

On a related subject, I think we may have some similar problems with
patron-submitted data in other places as well, e.g.: as a test I just submitted
a "personal data" update request from OPAC via opac/opac-memberentry.pl, with JS
code in the 'Address 2' field, and the injected script seems to work in
members/members-update.pl. But I guess it would be better to assign separate
bug numbers for such further issues (if any)?
