From: Mitch Jackson <mitch@freeside.biz>
Date: Tue, 23 Oct 2018 22:49:05 +0000 (-0400)
Subject: RT# 74031 Fix XSS
X-Git-Url: http://git.freeside.biz/gitweb/?a=commitdiff_plain;h=f1d7da36b1cb88df944ad7fb39967b63a29183e5;p=freeside.git

RT# 74031 Fix XSS
---

diff --git a/httemplate/browse/realestate_unit.html b/httemplate/browse/realestate_unit.html
index 399cd2583..a2fff7bc2 100644
--- a/httemplate/browse/realestate_unit.html
+++ b/httemplate/browse/realestate_unit.html
@@ -41,8 +41,8 @@
     'unit_title',
     sub {
       return '' unless $_[0]->custnum;
-      return $_[0]->company if $_[0]->company;
-      return $_[0]->first.' '.$_[0]->last;
+      return encode_entities( $_[0]->company ) if $_[0]->company;
+      return encode_entities( $_[0]->first.' '.$_[0]->last );
     },
   ],
   links => [