diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2012-12-08 11:07:04 -0800 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2012-12-08 11:07:04 -0800 |
| commit | 786beb09ecbf02c572ca01c61353e163f0637dbd (patch) | |
| tree | 1255f336e54bc4be5abd9e9d6e0bece5e279e311 /httemplate/edit | |
| parent | fd4322f01b8c53b3f1f9e54ca15184930b0443de (diff) | |
fix part_pkg.comment xss
Diffstat (limited to 'httemplate/edit')
| -rwxr-xr-x | httemplate/edit/agent_type.cgi | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/edit/agent_type.cgi b/httemplate/edit/agent_type.cgi index 8a6fbc255..b75757fb1 100755 --- a/httemplate/edit/agent_type.cgi +++ b/httemplate/edit/agent_type.cgi @@ -20,7 +20,7 @@ Select which packages agents of this type may sell to customers<BR> 'source_obj' => $agent_type, 'link_table' => 'type_pkgs', 'target_table' => 'part_pkg', - 'name_callback' => sub { $_[0]->pkg_comment(nopkgpart => 1); }, + 'name_callback' => sub { encode_entities( $_[0]->pkg_comment(nopkgpart => 1) ); }, 'target_link' => $p.'edit/part_pkg.cgi?', 'disable-able' => 1, |