diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2012-11-11 22:20:19 -0800 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2012-11-11 22:20:19 -0800 |
| commit | b2101823682f3738f5b367d2c1f2a7c6d47cdad1 (patch) | |
| tree | 861ad1cfbf0db4279ccef14a3a6967376e4751a7 /httemplate/index.html | |
| parent | f06a0610477b0ba8e1931722c3105b880fbc35c3 (diff) | |
fix XSS
Diffstat (limited to 'httemplate/index.html')
| -rw-r--r-- | httemplate/index.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/index.html b/httemplate/index.html index 71926aa..bc51e6a 100644 --- a/httemplate/index.html +++ b/httemplate/index.html @@ -46,7 +46,7 @@ % next unless $cust_main; <TR> - <TD CLASS="grid" BGCOLOR="<% $bgcolor %>"><A HREF="view/cust_main.cgi?<% $custnum %>"><% $cust_main->display_custnum %>: <% $cust_main->name %></A></TD> + <TD CLASS="grid" BGCOLOR="<% $bgcolor %>"><A HREF="view/cust_main.cgi?<% $custnum %>"><% $cust_main->display_custnum %>: <% $cust_main->name |h %></A></TD> </TR> % if ( $bgcolor eq $bgcolor1 ) { |