projects / koha.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw
Bug 19738: Fix XSS on vendor name in serials module
[koha.git] / koha-tmpl / intranet-tmpl / prog / en / modules / serials / subscription-detail.tt
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/serials/subscription-detail.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/serials/subscription-detail.tt
index 670a9c0..a160fc8 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/serials/subscription-detail.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/serials/subscription-detail.tt
@@ -87,7 +87,7 @@ $(document).ready(function() {
                <ol>
                <li><span class="label">Subscription ID: </span>[% subscriptionid %]</li>
         <li><span class="label">Librarian identity:</span> [% librarian %]</li>
-        <li><span class="label">Vendor:</span> <a href="/cgi-bin/koha/acqui/supplier.pl?booksellerid=[% aqbooksellerid %]">[% aqbooksellername %]</a></li>
+        <li><span class="label">Vendor:</span> <a href="/cgi-bin/koha/acqui/supplier.pl?booksellerid=[% aqbooksellerid %]">[% aqbooksellername |html %]</a></li>
         <li><span class="label">Biblio:</span>  <a href="/cgi-bin/koha/catalogue/[% default_bib_view %].pl?biblionumber=[% bibnum %]">[% bibliotitle %]</a> <i>([% bibnum %])</i></li>
         [% IF ( OPACBaseURL ) %]
             <li>
Mirror of git://git.koha-community.org/koha.git