fix XSS

author: Ivan Kohler <ivan@freeside.biz> 2012-11-11 23:08:50 -0800
committer: Ivan Kohler <ivan@freeside.biz> 2012-11-11 23:08:50 -0800
commit: acbc4a9ff91b668197012772172af24b9cc42df6 (patch)
tree: dac458ec6fc08d322aefdc96b8decfc3634b5839 /httemplate/edit
parent: 1b0e3600f2004f0977c9906b3f7db56f3ca80f5d (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/edit/cust_main/top_misc.html b/httemplate/edit/cust_main/top_misc.html
index 45152e183..558250cc2 100644
--- a/httemplate/edit/cust_main/top_misc.html
+++ b/httemplate/edit/cust_main/top_misc.html
@@ -76,7 +76,7 @@
   <TR>
     <TD ALIGN="right"><% mt('Referring customer') |h %></TD>
     <TD>
-      <A HREF="<% popurl(1) %>/cust_main.cgi?<% $cust_main->referral_custnum %>"><% $cust_main->referral_custnum %>: <% $referring_cust_main->name %></A>
+      <A HREF="<% popurl(1) %>/cust_main.cgi?<% $cust_main->referral_custnum %>"><% $cust_main->referral_custnum %>: <% $referring_cust_main->name |h %></A>
     </TD>
   </TR>
   <INPUT TYPE="hidden" NAME="referral_custnum" VALUE="<% $cust_main->referral_custnum %>">
author	Ivan Kohler <ivan@freeside.biz>	2012-11-11 23:08:50 -0800
committer	Ivan Kohler <ivan@freeside.biz>	2012-11-11 23:08:50 -0800
commit	acbc4a9ff91b668197012772172af24b9cc42df6 (patch)
tree	dac458ec6fc08d322aefdc96b8decfc3634b5839 /httemplate/edit
parent	1b0e3600f2004f0977c9906b3f7db56f3ca80f5d (diff)