From 4653a5209acf51cdc5977ff082d9b658f9959350 Mon Sep 17 00:00:00 2001 From: Amit Gupta Date: Tue, 15 Aug 2017 08:52:40 +0530 Subject: [PATCH] Bug 19103 - Stored XSS in itemtypes.pl To Test 1. Hit the page /cgi-bin/koha/admin/itemtypes.pl 2. Add a text in the field Description, Checkin message that contains js 2. Save the page. 3. Notice js is execute 4. Apply patch and reload, the js is escaped Signed-off-by: Katrin Fischer Signed-off-by: Marcel de Rooy Signed-off-by: Jonathan Druart (cherry picked from commit 18b5d4f1ababf560ff02a258de389f8c34cff9e4) Signed-off-by: Fridolin Somers --- koha-tmpl/intranet-tmpl/prog/en/modules/admin/itemtypes.tt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/itemtypes.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/itemtypes.tt index 0d0718748e..66b345ffea 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/itemtypes.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/itemtypes.tt @@ -376,7 +376,7 @@ Item types administration
[% END %] [% ELSE %] - [% itemtype.description %] + [% itemtype.description |html %] [% END %] [% itemtype.searchcategory %] @@ -387,7 +387,7 @@ Item types administration [% itemtype.rentalcharge | $Price %] [% END %] - [% itemtype.checkinmsg | html_line_break %] + [% itemtype.checkinmsg | html_line_break |html %] Edit Delete -- 2.11.4.GIT