xss

diff --git a/httemplate/elements/table-tickets.html b/httemplate/elements/table-tickets.html
index bc02c7c..c63a55e 100644 (file)
--- a/httemplate/elements/table-tickets.html
+++ b/httemplate/elements/table-tickets.html
@@ -53,7 +53,7 @@ View
     </TD>
   
     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
-      <A HREF=<%$href%>><% $ticket->{subject} %></A>
+      <A HREF=<%$href%>><% $ticket->{subject} |h %></A>
     </TD>
   
     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
@@ -65,7 +65,7 @@ View
     </TD>
   
     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
-      <% $ticket->{owner} %>
+      <% $ticket->{owner} |h %>
     </TD>
 
     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
@@ -80,12 +80,13 @@ View
       <% $ticket->{content}
            ? $ticket->{content}.' ('.$ticket->{priority}.')'
            : $ticket->{priority}
+         |h
       %>
     </TD>
 
 %   if ( $ss_priority ) {
     <TD ALIGN="right" CLASS="grid" BGCOLOR="<% $bgcolor %>">
-      <% $ticket->{"CF.{$ss_priority}"} %>
+      <% $ticket->{"CF.{$ss_priority}"} |h %>
     </TD>
 %   }
 %   if ( $object->isa('FS::cust_main') ) {