fix XSS

author: Ivan Kohler <ivan@freeside.biz> 2012-11-11 23:08:47 -0800
committer: Ivan Kohler <ivan@freeside.biz> 2012-11-11 23:08:47 -0800
commit: 3d18177c158acc492e9322677b11c8089df0fbc0 (patch)
tree: 35aa13c4c6da9181fa2e987d3619132773d047d4 /httemplate/edit/cust_main
parent: 4ee7d66497689819f80f29795b93f0ba564141e7 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/edit/cust_main/top_misc.html b/httemplate/edit/cust_main/top_misc.html
index 7ce283c6c..cfed8e4f6 100644
--- a/httemplate/edit/cust_main/top_misc.html
+++ b/httemplate/edit/cust_main/top_misc.html
@@ -114,7 +114,7 @@
   <TR>
     <TD ALIGN="right"><% mt('Referring customer') |h %></TD>
     <TD>
-      <A HREF="<% popurl(1) %>/cust_main.cgi?<% $cust_main->referral_custnum %>"><% $cust_main->referral_custnum %>: <% $referring_cust_main->name %></A>
+      <A HREF="<% popurl(1) %>/cust_main.cgi?<% $cust_main->referral_custnum %>"><% $cust_main->referral_custnum %>: <% $referring_cust_main->name |h %></A>
     </TD>
   </TR>
   <INPUT TYPE="hidden" NAME="referral_custnum" VALUE="<% $cust_main->referral_custnum %>">
author	Ivan Kohler <ivan@freeside.biz>	2012-11-11 23:08:47 -0800
committer	Ivan Kohler <ivan@freeside.biz>	2012-11-11 23:08:47 -0800
commit	3d18177c158acc492e9322677b11c8089df0fbc0 (patch)
tree	35aa13c4c6da9181fa2e987d3619132773d047d4 /httemplate/edit/cust_main
parent	4ee7d66497689819f80f29795b93f0ba564141e7 (diff)