https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27286
Bug ID: 27286
Summary: Patron picture-upload.pl allows arbitrary file
extension during upload
Change sponsored?: ---
Product: Koha
Version: 20.05
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Patrons
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected], [email protected]
Created attachment 114546
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=114546&action=edit
Double extension or wrong extension in picture file upload
The IT team has flagged two issues with the picture upload tool (Patron Images
feature):
1. The tool allows upload of files with double extension.
2. The tool allows upload of files with arbitrary file extension.
In essence, the tool does not validate the image file restriction that is
mentioned in the top of upload input tag which is:
"Only PNG, GIF, JPEG, XPM formats are supported."
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
