fix low-impact XSS

[freeside.git] / httemplate / edit / REAL_cust_pkg.cgi

diff --git a/httemplate/edit/REAL_cust_pkg.cgi b/httemplate/edit/REAL_cust_pkg.cgi
index 4bcf55c..99e911a 100755 (executable)
--- a/httemplate/edit/REAL_cust_pkg.cgi
+++ b/httemplate/edit/REAL_cust_pkg.cgi
@@ -70,7 +70,7 @@ function confirm_changes() {
 
   <TR>
     <TD ALIGN="right">Comment</TD>
-    <TD BGCOLOR="#ffffff"><% $part_pkg->comment %></TD>
+    <TD BGCOLOR="#ffffff"><% $part_pkg->comment |h %></TD>
   </TR>
 
   <TR>