[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Aug 28 11:54:39 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
Joonas Kylmälä <j.kylmala at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #41346|0 |1
is obsolete| |
--- Comment #51 from Joonas Kylmälä <j.kylmala at gmail.com> ---
Created attachment 42054
-->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=42054&action=edit
Bug 13618: Use Template::Stash::AutoEscaping to use the html filter
Test plan done and worked. I deleted the commits from 13609, and then applied
this and it also solved the xss vulnerability.
Signed-off-by: Joonas Kylmälä <j.kylmala at gmail.com>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list