[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Jan 7 10:45:29 CET 2016
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
Jonathan Druart <jonathan.druart at bugs.koha-community.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|Failed QA |Signed Off
--- Comment #104 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
(In reply to Katrin Fischer from comment #102)
Everything has been fixed in the following new commits:
commit 13faef4d28df0a70c2c89ab4317ebc2882fc3704
Bug 13618: Fix for system preference description
If a syspref description contains html tag, do not display them
commit 2879a9976549f84c9520d5778a45d8348845d7b4
Bug 13618: Do not display and html tags in item fields content
Note that there might be other occurrences to fix!
commit d8547698a47e83cdb7d321391cadddd4f26e5f85
Bug 13618: Do not display html tags in patron's notices
commit 58e62b53eda1110003d6c0b0cebc983c62bf2f46
Bug 13618: Fix for debarredcomment and patron messages
At the OPAC and intranet.
commit 0aefdddb394db1fab7287970ab0b80f3a92479e8
Bug 13618: (follow-up) Specific for other prefs
follow-up for SlipCSS
Remote branch updated.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list