From e0b82c355d234a29f73e032403d9a022b4996779 Mon Sep 17 00:00:00 2001
From: Ivan Kohler <ivan@freeside.biz>
Date: Thu, 10 Nov 2016 11:40:04 -0800
Subject: [PATCH] xss

---
 httemplate/elements/table-tickets.html | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/httemplate/elements/table-tickets.html b/httemplate/elements/table-tickets.html
index b322a5f7c..9247e58c6 100644
--- a/httemplate/elements/table-tickets.html
+++ b/httemplate/elements/table-tickets.html
@@ -57,7 +57,7 @@ View
     </TD>
   
     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
-      <A HREF=<%$href%>><% $ticket->{subject} %></A>
+      <A HREF=<%$href%>><% $ticket->{subject} |h %></A>
     </TD>
   
     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
@@ -69,7 +69,7 @@ View
     </TD>
   
     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
-      <% $ticket->{owner} %>
+      <% $ticket->{owner} |h %>
     </TD>
 
     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
@@ -84,12 +84,13 @@ View
       <% $ticket->{content}
            ? $ticket->{content}.' ('.$ticket->{priority}.')'
            : $ticket->{priority}
+         |h
       %>
     </TD>
 
 %   if ( $ss_priority ) {
     <TD ALIGN="right" CLASS="grid" BGCOLOR="<% $bgcolor %>">
-      <% $ticket->{"CF.{$ss_priority}"} %>
+      <% $ticket->{"CF.{$ss_priority}"} |h %>
     </TD>
 %   }
 %   if ( $object->isa('FS::cust_main') ) {
-- 
2.11.0