diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-01-19 11:34:08 -0800 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-01-19 11:34:08 -0800 |
| commit | 3f33d55b1cbbe497c3e21c8e26356ea649119c3b (patch) | |
| tree | 1b4a26c71dca90c7e1dbf557f4a5f0470ab6b882 | |
| parent | f7fdc0f14a69a2b90f7544ff594f2d448cf65f07 (diff) | |
fix XSS
| -rwxr-xr-x | fs_selfservice/FS-SelfService/cgi/signup.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs_selfservice/FS-SelfService/cgi/signup.html b/fs_selfservice/FS-SelfService/cgi/signup.html index 3c71e92c4..e6830c161 100755 --- a/fs_selfservice/FS-SelfService/cgi/signup.html +++ b/fs_selfservice/FS-SelfService/cgi/signup.html @@ -30,7 +30,7 @@ ' Signup form</FONT><BR><BR>'; %> -<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT> +<FONT SIZE="+1" COLOR="#ff0000"><%= encode_entities($error) %></FONT> <FORM NAME="OneTrueForm" ACTION="<%= $self_url %>" METHOD=POST onSubmit="document.OneTrueForm.signup.disabled=true"> <INPUT TYPE="hidden" NAME="prepaid_shortform" VALUE="<%= $prepaid_shortform %>"> |