fix XSS

[freeside.git] / httemplate / edit / bulk-part_pkg.html

diff --git a/httemplate/edit/bulk-part_pkg.html b/httemplate/edit/bulk-part_pkg.html
index 751bf7e..a1c6f0c 100644 (file)
--- a/httemplate/edit/bulk-part_pkg.html
+++ b/httemplate/edit/bulk-part_pkg.html
@@ -12,7 +12,7 @@
 The following packages will be changed:<BR>
 % foreach my $pkgpart (sort keys(%part_pkg)) {
 <INPUT TYPE="hidden" NAME="pkgpart" VALUE="<% $pkgpart %>">
-<% $part_pkg{$pkgpart}->pkg_comment %><BR>
+<% $part_pkg{$pkgpart}->pkg_comment |h %><BR>
 % }
 </DIV>
 <BR>