[Koha-bugs] [Bug 19611] XSS Flaws in supplier.pl
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Sun Nov 12 16:47:16 CET 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19611
Amit Gupta <amitddng135 at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |amitddng135 at gmail.com
--- Comment #1 from Amit Gupta <amitddng135 at gmail.com> ---
Created attachment 69099
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=69099&action=edit
Bug 19611 - XSS Flaws in supplier.pl
Test
1. Hit the page /cgi-bin/koha/acqui/supplier.pl?op=enter
2. Add a text in the field Name that contains java script
3. Save the page.
4. Notice js is execute
5. Apply patch and reload the js is escaped
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list