]> git.donarmstrong.com Git - debbugs.git/blobdiff - templates/en_US/cgi/pkgreport_options_include_exclude_key.tmpl
projects / debbugs.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
* fix XSS in include_exclude_key
[debbugs.git] / templates / en_US / cgi / pkgreport_options_include_exclude_key.tmpl
diff --git a/templates/en_US/cgi/pkgreport_options_include_exclude_key.tmpl b/templates/en_US/cgi/pkgreport_options_include_exclude_key.tmpl
index da67c300aab038441f6c77fe48422131a4a1f4c5..ab0a246e89a071440c123fa5b523192da058c251 100644 (file)
--- a/templates/en_US/cgi/pkgreport_options_include_exclude_key.tmpl
+++ b/templates/en_US/cgi/pkgreport_options_include_exclude_key.tmpl
@@ -9,6 +9,6 @@
                        package    => 'with package',
                        ],$key1||'')}
 </select>
-<input type="text" name="_fo_{$incexc}value" value ="{$key2||''}">
+<input type="text" name="_fo_{$incexc}value" value ="{html_escape($key2)||''}">
 <!-- {$value_index} -->
 </nobr>
Debian bug tracker development