XSS fix

author: gjones2 <gary@pointblanksecurity.com> 2013-01-17 12:25:04 -0500
committer: gjones2 <gary@pointblanksecurity.com> 2013-01-17 12:25:04 -0500
commit: eb64daf19f6bafd938818a710c23513dd80092c8 (patch)
tree: 9d9dd052aec5f2f11f9c2565f9b0a4729bb933cc /fs_selfservice
parent: 7f8a7298e6a68c2b95e0c4a30d411889046f48b8 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/fs_selfservice/FS-SelfService/cgi/signup.html b/fs_selfservice/FS-SelfService/cgi/signup.html
index 3c71e92c4..e6830c161 100755
--- a/fs_selfservice/FS-SelfService/cgi/signup.html
+++ b/fs_selfservice/FS-SelfService/cgi/signup.html
@@ -30,7 +30,7 @@
          ' Signup form</FONT><BR><BR>';
 %>
 
-<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT>
+<FONT SIZE="+1" COLOR="#ff0000"><%= encode_entities($error) %></FONT>
 
 <FORM NAME="OneTrueForm" ACTION="<%= $self_url %>" METHOD=POST onSubmit="document.OneTrueForm.signup.disabled=true">
 <INPUT TYPE="hidden" NAME="prepaid_shortform" VALUE="<%= $prepaid_shortform %>">
author	gjones2 <gary@pointblanksecurity.com>	2013-01-17 12:25:04 -0500
committer	gjones2 <gary@pointblanksecurity.com>	2013-01-17 12:25:04 -0500
commit	eb64daf19f6bafd938818a710c23513dd80092c8 (patch)
tree	9d9dd052aec5f2f11f9c2565f9b0a4729bb933cc /fs_selfservice
parent	7f8a7298e6a68c2b95e0c4a30d411889046f48b8 (diff)