fix part_pkg.comment xss

author: Ivan Kohler <ivan@freeside.biz> 2012-12-08 11:07:04 -0800
committer: Ivan Kohler <ivan@freeside.biz> 2012-12-08 11:07:04 -0800
commit: 786beb09ecbf02c572ca01c61353e163f0637dbd (patch)
tree: 1255f336e54bc4be5abd9e9d6e0bece5e279e311 /httemplate/edit
parent: fd4322f01b8c53b3f1f9e54ca15184930b0443de (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/edit/agent_type.cgi b/httemplate/edit/agent_type.cgi
index 8a6fbc255..b75757fb1 100755
--- a/httemplate/edit/agent_type.cgi
+++ b/httemplate/edit/agent_type.cgi
@@ -20,7 +20,7 @@ Select which packages agents of this type may sell to customers<BR>
               'source_obj'    => $agent_type,
               'link_table'    => 'type_pkgs',
               'target_table'  => 'part_pkg',
-              'name_callback' => sub { $_[0]->pkg_comment(nopkgpart => 1); },
+              'name_callback' => sub { encode_entities( $_[0]->pkg_comment(nopkgpart => 1) ); },
               'target_link'   => $p.'edit/part_pkg.cgi?',
               'disable-able'  => 1,
author	Ivan Kohler <ivan@freeside.biz>	2012-12-08 11:07:04 -0800
committer	Ivan Kohler <ivan@freeside.biz>	2012-12-08 11:07:04 -0800
commit	786beb09ecbf02c572ca01c61353e163f0637dbd (patch)
tree	1255f336e54bc4be5abd9e9d6e0bece5e279e311 /httemplate/edit
parent	fd4322f01b8c53b3f1f9e54ca15184930b0443de (diff)