[Koha-bugs] [Bug 15771] New: CGI::escapeHTML should not be used anymore
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Feb 9 16:41:10 CET 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15771
Bug ID: 15771
Summary: CGI::escapeHTML should not be used anymore
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: ASSIGNED
Severity: normal
Priority: P5 - low
Component: System Administration
Assignee: jonathan.druart at bugs.koha-community.org
Reporter: jonathan.druart at bugs.koha-community.org
QA Contact: testopia at bugs.koha-community.org
CC: gmcharlt at gmail.com
Depends on: 13618
In admin/auth_subfields_structure.pl, admin/marc_subfields_structure.pl and
catalogue/image.pl, the pl script escapes html characters.
Since bug 13618 has been pushed, this method should not be used anymore.
Referenced Bugs:
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
[Bug 13618] Prevent XSS in the Staff Client and the OPAC
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list