[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC

Thu Jan 7 10:45:29 CET 2016

http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618

Jonathan Druart <jonathan.druart at bugs.koha-community.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|Failed QA                   |Signed Off

--- Comment #104 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
(In reply to Katrin Fischer from comment #102)

Everything has been fixed in the following new commits:

commit 13faef4d28df0a70c2c89ab4317ebc2882fc3704
    Bug 13618: Fix for system preference description    
        If a syspref description contains html tag, do not display them

commit 2879a9976549f84c9520d5778a45d8348845d7b4
    Bug 13618: Do not display   and html tags in item fields content
        Note that there might be other occurrences to fix!

commit d8547698a47e83cdb7d321391cadddd4f26e5f85
    Bug 13618: Do not display html tags in patron's notices

commit 58e62b53eda1110003d6c0b0cebc983c62bf2f46
    Bug 13618: Fix for debarredcomment and patron messages    
        At the OPAC and intranet.

commit 0aefdddb394db1fab7287970ab0b80f3a92479e8
    Bug 13618: (follow-up) Specific for other prefs    
        follow-up for SlipCSS

Remote branch updated.

-- 
You are receiving this mail because:
You are watching all bug changes.