projects / freeside.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 23f228d)
fix XSS
authorIvan Kohler <ivan@freeside.biz>
Fri, 29 Mar 2013 00:49:40 +0000 (17:49 -0700)
committerIvan Kohler <ivan@freeside.biz>
Fri, 29 Mar 2013 00:49:40 +0000 (17:49 -0700)
httemplate/search/cust_main.cgi patch | blob | history

diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi
index 8e3c813..2c09c69 100755 (executable)
--- a/httemplate/search/cust_main.cgi
+++ b/httemplate/search/cust_main.cgi
@@ -244,7 +244,7 @@
 %      my $pkg_rowspan = shift @pkg_rowspans;
 
         <% $n1 %><TD CLASS="grid" BGCOLOR="<% $bgcolor %>"  ROWSPAN="<% $pkg_rowspan%>">
-            <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment %></FONT></A>
+            <A HREF="<% $pkgview %>"><FONT SIZE=-1><% $pkg_comment |h %></FONT></A>
         </TD>
 
 %       my $n2 = '';
Freeside billing, trouble ticketing, network monitoring and provisioning