diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-03-28 17:49:40 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-03-28 17:49:40 -0700 |
| commit | 305bd1ffe9c46db5fefffcc41ef6f256374293ee (patch) | |
| tree | 474595b1deec2ff161b26eee7fd9afefa68ba95b | |
| parent | 23f228d5db4ae99722235a8739aea046a0b434cd (diff) | |
fix XSS
| -rwxr-xr-x | httemplate/search/cust_main.cgi | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi index 8e3c8133e..2c09c692c 100755 --- a/httemplate/search/cust_main.cgi +++ b/httemplate/search/cust_main.cgi @@ -244,7 +244,7 @@ % my $pkg_rowspan = shift @pkg_rowspans; <% $n1 %><TD CLASS="grid" BGCOLOR="<% $bgcolor %>" ROWSPAN="<% $pkg_rowspan%>"> - <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment %></FONT></A> + <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment |h %></FONT></A> </TD> % my $n2 = ''; |