fix XSS

[freeside.git] / httemplate / elements / dashboard-toplist.html

diff --git a/httemplate/elements/dashboard-toplist.html b/httemplate/elements/dashboard-toplist.html
index c6362e0..f4a3725 100644 (file)
--- a/httemplate/elements/dashboard-toplist.html
+++ b/httemplate/elements/dashboard-toplist.html
@@ -21,7 +21,7 @@
      
         <TR>
          <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
-           <A HREF="view/cust_main.cgi?<% $custnum %>"><% $cust_main->name %></A>
+           <A HREF="view/cust_main.cgi?<% $custnum %>"><% $cust_main->name |h %></A>
          </TD>
           <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
             <& /elements/mcp_lint.html, 'cust_main'=>$cust_main &>