Use htmlspecialchars to prevent attacks

2014-07-16 13:10:28 +02:00 · 2014-07-16 13:10:28 +02:00 · cb04c42bab
parent e5fdf78c98
commit cb04c42bab
1 changed files with 1 additions and 1 deletions
--- a/modules/monitoring/application/views/scripts/list/contacts.phtml
+++ b/modules/monitoring/application/views/scripts/list/contacts.phtml
@ -34,7 +34,7 @@ $contactHelper = $this->getHelper('ContactFlags');
                if ($value): ?>
                    <br />
                    <?php
-                    printf($format, $value);
+                    printf($format, htmlspecialchars($value));
                endif;
            endforeach;
            ?>