From 73f3dfac851460f88f4af05ad4dee49b1643d1cc Mon Sep 17 00:00:00 2001
From: alejandro-campos <alejandro.campos@artica.es>
Date: Fri, 31 Jan 2020 11:53:42 +0100
Subject: [PATCH] fix module string data with html special chars breaking html
 in page

---
 pandora_console/godmode/agentes/module_manager.php | 2 +-
 pandora_console/include/ajax/module.php            | 2 +-
 pandora_console/include/class/Tree.class.php       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/pandora_console/godmode/agentes/module_manager.php b/pandora_console/godmode/agentes/module_manager.php
index b7b1d296ec..fcb8a1df52 100644
--- a/pandora_console/godmode/agentes/module_manager.php
+++ b/pandora_console/godmode/agentes/module_manager.php
@@ -832,7 +832,7 @@ foreach ($modules as $module) {
 
     $data[5] = ui_print_truncate_text($module['descripcion'], 'description', false);
 
-    $data[6] = ui_print_status_image($status, $title, true);
+    $data[6] = ui_print_status_image($status, htmlspecialchars($title), true);
 
     // MAX / MIN values
     if ($module['id_tipo_modulo'] != 25) {
diff --git a/pandora_console/include/ajax/module.php b/pandora_console/include/ajax/module.php
index 43f9ff1fe6..8ecf0fff0d 100755
--- a/pandora_console/include/ajax/module.php
+++ b/pandora_console/include/ajax/module.php
@@ -1022,7 +1022,7 @@ if (check_login()) {
                 $title
             );
 
-            $data[5] = ui_print_status_image($status, $title, true);
+            $data[5] = ui_print_status_image($status, htmlspecialchars($title), true);
             if (!$show_context_help_first_time) {
                 $show_context_help_first_time = true;
 
diff --git a/pandora_console/include/class/Tree.class.php b/pandora_console/include/class/Tree.class.php
index 05b576e40f..885fe1330f 100644
--- a/pandora_console/include/class/Tree.class.php
+++ b/pandora_console/include/class/Tree.class.php
@@ -623,7 +623,7 @@ class Tree
             }
         }
 
-        $module['statusImageHTML'] = ui_print_status_image($statusType, $statusTitle, true);
+        $module['statusImageHTML'] = ui_print_status_image($statusType, htmlspecialchars($statusTitle), true);
 
         // HTML of the server type image
         $module['serverTypeHTML'] = servers_show_type($module['server_type']);