[Koha] Potential XSS attack vector in opac
Liz Rea
liz at catalyst.net.nz
Wed Dec 10 12:15:26 NZDT 2014
Hi Bob,
Thanks for reporting this bug. In the future, it would be better for you
to file your bug at the community bugzilla - the large blue link here:
http://koha-community.org/security/
As a general reminder for everyone, please don't post your found
vulnerabilities to the public list. Security bugs should be reported at
the link above. Koha security bugs are restricted viewing to the
reporter, and the people listed who are in the security group, which
corresponds with those who need to be involved in organising an
out-of-sequence release to deal with serious security issues.
Thanks again for reporting the issue and helping to make Koha better.
Liz
On 10/12/14 11:42, Bob Ewart wrote:
> When our site was scanned for potential vulnerabilities...
>
>
> Bob Ewart
>
>
>
>
> _______________________________________________
> Koha mailing list http://koha-community.org
> Koha at lists.katipo.co.nz
> http://lists.katipo.co.nz/mailman/listinfo/koha
--
--
Liz Rea
Catalyst.Net Limited
Level 6, Catalyst House,
150 Willis Street, Wellington.
P.O Box 11053, Manners Street,
Wellington 6142
GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
More information about the Koha
mailing list