[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Sep 14 11:35:11 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
--- Comment #250 from Marcel de Rooy <m.de.rooy at rijksmuseum.nl> ---
Lesson pasted from bug 21293:
All occurrences of [% var = something | html %] are error prone. If something
is not a string, but an object, array, hash etc., we are in trouble.
This probably needs more attention since we are passing objects to templates in
more scripts.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list