KTS-2178

"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6942 c91229c3-7414-0410-bfa2-8a42b809f60b

KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6942 c91229c3-7414-0410-bfa2-8a42b809f60b
conradverm
1 parent 4763c644
Showing 1 changed file with 2 additions and 2 deletions
templates/ktcore/forms/widgets/collection.smarty
@@ -5,7 +5,7 @@
 <link rel="stylesheet" type="text/css" href="{$rootUrl}/resources/css/kt-framing.css" />
 <link rel="stylesheet" type="text/css" href="{$rootUrl}/resources/css/kt-contenttypes.css" />
 <link rel="stylesheet" type="text/css" href="{$rootUrl}/resources/css/kt-headings.css" />
-<!--[if lt IE 7]><style type="text/css" media="all">@import url({$rootUrl}/resources/css/kt-ie-icons.css);</style><![endif]-->    
+<!--[if lt IE 7]><style type="text/css" media="all">@import url({$rootUrl}/resources/css/kt-ie-icons.css);</style><![endif]-->
 <script type="text/javascript" src="{$rootUrl}/thirdpartyjs/MochiKit/Base.js"> </script>
 <script type="text/javascript" src="{$rootUrl}/thirdpartyjs/MochiKit/Iter.js"> </script>
@@ -25,7 +25,7 @@
 <input type="hidden" name="{$targetname}" value="{$folder->getId()}" />
 {foreach from=$breadcrumbs item=breadcrumb name=bc}
-<a href="{$breadcrumb.url}">{$breadcrumb.name}</a>
+<a href="{$breadcrumb.url}">{$breadcrumb.name|sanitize}</a>
 {if !$smarty.foreach.bc.last}
 &raquo;
 {/if}