| author | Ivan Kohler <ivan@freeside.biz> | 2013-03-28 17:49:41 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-03-28 17:49:41 -0700 |
| commit | de1f3ef204d75ae89d81e7f7177ac1b740c6abc7 (patch) | |
| tree | 3fcdaf65c8767b6958c480d307d86f2d5c9d493e | |
| parent | 44701d76a4394ef735d67ad4aa7cce2ffc65f26a (diff) | |
fix XSS
| -rwxr-xr-x | httemplate/search/cust_main.cgi | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi
index 450412160..224166b70 100755
--- a/httemplate/search/cust_main.cgi
+++ b/httemplate/search/cust_main.cgi
@@ -268,7 +268,7 @@
 % my $pkg_rowspan = shift @pkg_rowspans;
 <% $n1 %><TD CLASS="grid" BGCOLOR="<% $bgcolor %>" ROWSPAN="<% $pkg_rowspan%>">
- <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment %></FONT></A>
+ <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment |h %></FONT></A>
 </TD>
 % my $n2 = ''; |
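Review bot: The `<% $pkgview %>` substitution inside the HREF attribute on the changed line is still emitted without an escape flag; only `$pkg_comment` gained `|h`. Where `$pkgview` is built lies outside this hunk, so whether it can carry customer- or package-derived text is not visible here; if it can, the line should read `<A HREF="<% $pkgview |h %>"><FONT SIZE=-1><% $pkg_comment |h %></FONT></A>`. Because `|h` is opt-in per expression, the other substitutions in this template that print package or customer fields are worth auditing for the same omission. Mason's `default_escape_flags` setting would make HTML escaping the default and leave `|n` as the explicit exception for values that intentionally hold markup.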
