projects / srvgit / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Bug 16597: Fix XSS in opac-shareshelf
[srvgit] / koha-tmpl / opac-tmpl / bootstrap / en / modules / opac-shareshelf.tt
diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shareshelf.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shareshelf.tt
index fe4179b..8ac96db 100644 (file)
--- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shareshelf.tt
+++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shareshelf.tt
@@ -32,7 +32,7 @@
         <div id="shareshelf" class="maincontent">
 
     [% IF errcode %]
-        [% IF errcode==1 && op %]<div class="alert">The operation [% op %] is not supported.</div>[% END %]
+        [% IF errcode==1 && op %]<div class="alert">The operation [% op | html %] is not supported.</div>[% END %]
         [% IF errcode==1 && !op %]<div class="alert">No operation parameter has been passed.</div>[% END %]
         [% IF errcode==2 %]<div class="alert">Invalid shelf number.</div>[% END %]
         [% IF errcode==3 %]<div class="alert">The feature of sharing lists is not in use in this library.</div>[% END %]
KOHA@FFZG based on git://git.koha.org/pub/scm/koha.git