From f1d7da36b1cb88df944ad7fb39967b63a29183e5 Mon Sep 17 00:00:00 2001
From: Mitch Jackson <mitch@freeside.biz>
Date: Tue, 23 Oct 2018 18:49:05 -0400
Subject: [PATCH] RT# 74031 Fix XSS

---
 httemplate/browse/realestate_unit.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/httemplate/browse/realestate_unit.html b/httemplate/browse/realestate_unit.html
index 399cd2583..a2fff7bc2 100644
--- a/httemplate/browse/realestate_unit.html
+++ b/httemplate/browse/realestate_unit.html
@@ -41,8 +41,8 @@
     'unit_title',
     sub {
       return '' unless $_[0]->custnum;
-      return $_[0]->company if $_[0]->company;
-      return $_[0]->first.' '.$_[0]->last;
+      return encode_entities( $_[0]->company ) if $_[0]->company;
+      return encode_entities( $_[0]->first.' '.$_[0]->last );
     },
   ],
   links => [
-- 
2.11.0