diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2012-11-11 22:18:50 -0800 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2012-11-11 22:18:50 -0800 |
| commit | f06a0610477b0ba8e1931722c3105b880fbc35c3 (patch) | |
| tree | ab3229ca693a4d9c0d7b3405024f00d5ac3f4b5b /FS/FS/UI/Web | |
| parent | c9015995b5ae64e0eaaa89ff75eb43c88186642c (diff) | |
fix XSS
Diffstat (limited to 'FS/FS/UI/Web')
| -rw-r--r-- | FS/FS/UI/Web/small_custview.pm | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/FS/FS/UI/Web/small_custview.pm b/FS/FS/UI/Web/small_custview.pm index 43d7613..e4b5421 100644 --- a/FS/FS/UI/Web/small_custview.pm +++ b/FS/FS/UI/Web/small_custview.pm @@ -88,7 +88,7 @@ sub small_custview { $html .= '<TD VALIGN="top">'. ntable("#cccccc",2). '<TR><TD ALIGN="right" VALIGN="top">Service<BR>Address</TD><TD BGCOLOR="#ffffff">'; $html .= join('<BR>', - grep $_, + map encode_entities($_), grep $_, $cust_main->contact, $cust_main->company, $ship->address1, |