diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-02-17 15:23:58 -0800 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-02-17 15:23:58 -0800 |
| commit | f6c799b390c1fabbf8ca3d7798088d94dfcc4f21 (patch) | |
| tree | fb2a0e6f7f462e515c9f7b9b3b571e071db9157a | |
| parent | 4a1dfeb36af2cd5721944ab9096f783634867718 (diff) | |
fix low-impact XSS
| -rwxr-xr-x | httemplate/edit/REAL_cust_pkg.cgi | 2 | ||||
| -rw-r--r-- | httemplate/edit/cust_pkg_detail.html | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/httemplate/edit/REAL_cust_pkg.cgi b/httemplate/edit/REAL_cust_pkg.cgi index 166a3b7ea..05516b921 100755 --- a/httemplate/edit/REAL_cust_pkg.cgi +++ b/httemplate/edit/REAL_cust_pkg.cgi @@ -38,7 +38,7 @@ <TR> <TD ALIGN="right">Comment</TD> - <TD BGCOLOR="#ffffff"><% $part_pkg->comment %></TD> + <TD BGCOLOR="#ffffff"><% $part_pkg->comment |h %></TD> </TR> <TR> diff --git a/httemplate/edit/cust_pkg_detail.html b/httemplate/edit/cust_pkg_detail.html index 009ed5c6e..5e107066d 100644 --- a/httemplate/edit/cust_pkg_detail.html +++ b/httemplate/edit/cust_pkg_detail.html @@ -28,7 +28,7 @@ <TR> <TD ALIGN="right">Comment</TD> - <TD BGCOLOR="#ffffff"><% $part_pkg->comment %></TD> + <TD BGCOLOR="#ffffff"><% $part_pkg->comment |h %></TD> </TR> <TR> |