stale leftovers from XSSmas

[freeside.git] / httemplate / elements / tr-select-reason.html

diff --git a/httemplate/elements/tr-select-reason.html b/httemplate/elements/tr-select-reason.html
index 2639a9d..4051e7d 100755 (executable)
--- a/httemplate/elements/tr-select-reason.html
+++ b/httemplate/elements/tr-select-reason.html
@@ -86,7 +86,7 @@
   <TD ALIGN="right">
     <P id="new<% $id %>Label" style="display:<% $display %>">New Reason</P>
   </TD>
-  <TD><INPUT id="new<% $id %>" name="new<% $name %>" type="text" value="<% $init_newreason %>" "<% $disabled %>" style="display:<% $display %>"></TD>
+  <TD><INPUT id="new<% $id %>" name="new<% $name %>" type="text" value="<% $init_newreason |h %>" "<% $disabled %>" style="display:<% $display %>"></TD>
 </TR>
 
 <%init>