diff --git a/ChangeLog b/ChangeLog index ff73dd4..e8320ca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +--------------------------------------------------------------------------- +Version 3.5.5 (beta), 2012-06-19 +- Merged security fixes into beta branch +--------------------------------------------------------------------------- +Version 3.4.4 (stable), 2012-06-19 +- Fixed cross-site scripting vulnerability of highlight parameter + on index.php page. +--------------------------------------------------------------------------- Version 3.5.4 (beta), 2012-05-22 - Merged security fixes into beta branch --------------------------------------------------------------------------- diff --git a/src/include/functions_common.php b/src/include/functions_common.php index 98577f2..668a180 100644 --- a/src/include/functions_common.php +++ b/src/include/functions_common.php @@ -66,7 +66,7 @@ $LANG_EN = "en"; // Used for fallback $LANG = "en"; // Default language // Default Template vars -$content['BUILDNUMBER'] = "3.5.4"; +$content['BUILDNUMBER'] = "3.5.5"; $content['UPDATEURL'] = "http://loganalyzer.adiscon.com/files/version.txt"; $content['TITLE'] = "Adiscon LogAnalyzer :: Release " . $content['BUILDNUMBER']; // Default page title $content['BASEPATH'] = $gl_root_path; diff --git a/src/index.php b/src/index.php index 1304e32..d0fcafa 100644 --- a/src/index.php +++ b/src/index.php @@ -124,6 +124,7 @@ $content['sorting'] = ""; $content['searchstr'] = ""; $content['searchstr_htmlform'] = ""; $content['highlightstr'] = ""; +$content['highlightstr_htmlform'] = ""; $content['EXPAND_HIGHLIGHT'] = "false"; // --- Read and process filters from search dialog! 
@@ -142,18 +143,21 @@ if ( (isset($_POST['search']) || isset($_GET['search'])) || (isset($_POST['filte // Optionally read highlight words if ( isset($_POST['highlight']) ) - $content['highlightstr'] = $_POST['highlight']; - else if ( isset($_GET['highlight']) ) - $content['highlightstr'] = $_GET['highlight']; - -// else if ( $mysearch == $content['LN_SEARCH']) { - // Message is just appended - if ( isset($myfilter) && strlen($myfilter) > 0 ) - { - $content['searchstr'] = $myfilter; - $content['searchstr_htmlform'] = htmlspecialchars($myfilter); - } + $content['highlightstr'] = $_POST['highlight']; + $content['highlightstr_htmlform'] = htmlspecialchars($_POST['highlight']); + } + else if ( isset($_GET['highlight']) ) + { + $content['highlightstr'] = $_GET['highlight']; + $content['highlightstr_htmlform'] = htmlspecialchars($_GET['highlight']); + } + + // Message is just appended + if ( isset($myfilter) && strlen($myfilter) > 0 ) + { + $content['searchstr'] = $myfilter; + $content['searchstr_htmlform'] = htmlspecialchars($myfilter); } if ( strlen($content['highlightstr']) > 0 ) @@ -165,7 +169,7 @@ if ( (isset($_POST['search']) || isset($_GET['search'])) || (isset($_POST['filte if ( strpos($content['highlightstr'], ",") === false) { - $content['highlightwords'][0]['highlight_raw'] = $content['highlightstr']; + $content['highlightwords'][0]['highlight_html'] = htmlspecialchars($content['highlightstr']); $content['highlightwords'][0]['highlight'] = str_replace( $searchArray, $replaceArray, $content['highlightstr']); $content['highlightwords'][0]['cssclass'] = "highlight_1"; $content['highlightwords'][0]['htmlcode'] = '' . $content['highlightwords'][0]['highlight']. ''; 
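Review bot: Both new `highlightstr_htmlform` assignments call `htmlspecialchars()` without flags, so on PHP versions whose default is `ENT_COMPAT` a single quote in `highlight` passes through unescaped. That matters if a template places the value inside a single-quoted attribute, so prefer `htmlspecialchars($_POST['highlight'], ENT_QUOTES)` with the page charset as third argument, and the same in the `$_GET` branch. The unescaped value is still kept in `$content['highlightstr']`, so a comment such as `// raw request value: never emit in templates, use highlightstr_htmlform` would stop later template edits from reintroducing the issue. The pre-existing `searchstr_htmlform` line has the same form, and the enclosing `if` block starts and ends outside this hunk.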
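Review bot: In the single-word branch of the @@ -165 hunk, `highlight` is still built from the unescaped `$content['highlightstr']`, and `htmlcode` is concatenated from it, whereas the multi-word loop in the @@ -175 hunk now derives `highlight` from the escaped `highlight_html`. Unless `$searchArray`/`$replaceArray` (defined outside this hunk) neutralise markup, the common no-comma case therefore keeps raw request data in a field meant for HTML output. Make the two branches agree with `$content['highlightwords'][0]['highlight'] = str_replace( $searchArray, $replaceArray, $content['highlightwords'][0]['highlight_html']);`. Removing the `highlight_raw` key also means any other template still referencing `{highlight_raw}` would render empty, so the remaining templates should be checked.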
@@ -175,12 +179,12 @@ if ( (isset($_POST['search']) || isset($_GET['search'])) || (isset($_POST['filte // Split array into words $tmparray = explode( ",", $content['highlightstr'] ); foreach( $tmparray as $word ) - $content['highlightwords'][]['highlight_raw'] = $word; + $content['highlightwords'][]['highlight_html'] = htmlspecialchars($word); // Assign other variables needed for this array entry for ($i = 0; $i < count($content['highlightwords']); $i++) { - $content['highlightwords'][$i]['highlight'] = str_replace( $searchArray, $replaceArray, $content['highlightwords'][$i]['highlight_raw']); + $content['highlightwords'][$i]['highlight'] = str_replace( $searchArray, $replaceArray, $content['highlightwords'][$i]['highlight_html']); $content['highlightwords'][$i]['cssclass'] = "highlight_" . ($i+1); $content['highlightwords'][$i]['htmlcode'] = '' . $content['highlightwords'][$i]['highlight']. ''; } diff --git a/src/templates/index.html b/src/templates/index.html index dfdd9ee..10f32b7 100644 --- a/src/templates/index.html +++ b/src/templates/index.html @@ -65,7 +65,7 @@
{highlight_raw} | +{highlight_html} |