fix XSS

[freeside.git] / httemplate / search / cust_main.cgi

diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi
index 8e3c813..2c09c69 100755 (executable)
--- a/httemplate/search/cust_main.cgi
+++ b/httemplate/search/cust_main.cgi
@@ -244,7 +244,7 @@
 %      my $pkg_rowspan = shift @pkg_rowspans;
 
         <% $n1 %><TD CLASS="grid" BGCOLOR="<% $bgcolor %>"  ROWSPAN="<% $pkg_rowspan%>">
-            <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment %></FONT></A>
+            <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment |h %></FONT></A>
         </TD>
 
 %       my $n2 = '';