[Koha-bugs] [Bug 18633] New: Logs are full of CGI:: param called in list context - itemsearch.pl
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu May 18 22:09:30 CEST 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18633
Bug ID: 18633
Summary: Logs are full of CGI::param called in list context -
itemsearch.pl
Change sponsored?: ---
Product: Koha
Version: unspecified
Hardware: All
OS: All
Status: ASSIGNED
Severity: normal
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: julian.maurice at biblibre.com
Reporter: jonathan.druart at bugs.koha-community.org
QA Contact: testopia at bugs.koha-community.org
The use of the CGI TT plugin in catalogue/itemsearch.tt floods logs with:
itemsearch.pl: CGI::param called in list context from package
Template::Document line 118, this can lead to vulnerabilities. See the warning
in "Fetching the value or values of a single named parameter" at
/usr/share/perl5/CGI.pm line 436., referer: http://xxx/cgi-bin/koha/about.pl
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list