[Koha] Potential XSS attack vector in opac
Chris Cormack
chrisc at catalyst.net.nz
Wed Dec 10 12:46:31 NZDT 2014
* Liz Rea (liz at catalyst.net.nz) wrote:
> Hi Bob,
>
> Thanks for reporting this bug. In the future, it would be better for you
> to file your bug at the community bugzilla - the large blue link here:
> http://koha-community.org/security/
>
> As a general reminder for everyone, please don't post your found
> vulnerabilities to the public list. Security bugs should be reported at
> the link above. Koha security bugs are restricted viewing to the
> reporter, and the people listed who are in the security group, which
> corresponds with those who need to be involved in organising an
> out-of-sequence release to deal with serious security issues.
>
> Thanks again for reporting the issue and helping to make Koha better.
>
Hi All
I have reported the bug, and I am just uploading a couple of patches,
(one for master/3.18 which is bootstrap) and one for 3.16 which has
the change for bootstrap and prog
Chris
--
Chris Cormack
Catalyst IT Ltd.
+64 4 803 2238
PO Box 11-053, Manners St, Wellington 6142, New Zealand
More information about the Koha
mailing list