From: Ivan Kohler <ivan@freeside.biz>
Date: Fri, 29 Mar 2013 00:49:41 +0000 (-0700)
Subject: fix XSS
X-Git-Url: http://git.freeside.biz/gitweb/?a=commitdiff_plain;h=de1f3ef204d75ae89d81e7f7177ac1b740c6abc7;p=freeside.git

fix XSS
---

diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi
index 450412160..224166b70 100755
--- a/httemplate/search/cust_main.cgi
+++ b/httemplate/search/cust_main.cgi
@@ -268,7 +268,7 @@
 %      my $pkg_rowspan = shift @pkg_rowspans;
 
         <% $n1 %><TD CLASS="grid" BGCOLOR="<% $bgcolor %>"  ROWSPAN="<% $pkg_rowspan%>">
-            <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment %></FONT></A>
+            <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment |h %></FONT></A>
         </TD>
 
 %       my $n2 = '';