KTS-2178

"cross site scripting" Implemented. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6977 c91229c3-7414-0410-bfa2-8a42b809f60b

KTS-2178
"cross site scripting" Implemented. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6977 c91229c3-7414-0410-bfa2-8a42b809f60b
conradverm
1 parent 84758f44
Showing 1 changed file with 1 additions and 1 deletions
templates/kt3/reorderdisplay.smarty
@@ -16,7 +16,7 @@
             <td>
                 <input type="hidden" class="reorder-field" name="position[]" value="{$iPosition}" />
                 <input type="hidden" name="id[]" value="{$aItem.id}" />
-                {$aItem.title}
+                {$aItem.title|sanitize}
             </td>
             <td><a href="#" class="reorder-up ktAction ktMoveUp">&nbsp;</a></td>
             <td><a href="#" class="reorder-down ktAction ktMoveDown">&nbsp;</a></td>