Commit 9d794e1a1e22b0a5f63132b0c9184fd01ba11ef8
1 parent
84758f44
KTS-2178
"cross site scripting" Implemented. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6977 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
1 additions
and
1 deletions
templates/kt3/reorderdisplay.smarty
| @@ -16,7 +16,7 @@ | @@ -16,7 +16,7 @@ | ||
| 16 | <td> | 16 | <td> |
| 17 | <input type="hidden" class="reorder-field" name="position[]" value="{$iPosition}" /> | 17 | <input type="hidden" class="reorder-field" name="position[]" value="{$iPosition}" /> |
| 18 | <input type="hidden" name="id[]" value="{$aItem.id}" /> | 18 | <input type="hidden" name="id[]" value="{$aItem.id}" /> |
| 19 | - {$aItem.title} | 19 | + {$aItem.title|sanitize} |
| 20 | </td> | 20 | </td> |
| 21 | <td><a href="#" class="reorder-up ktAction ktMoveUp"> </a></td> | 21 | <td><a href="#" class="reorder-up ktAction ktMoveUp"> </a></td> |
| 22 | <td><a href="#" class="reorder-down ktAction ktMoveDown"> </a></td> | 22 | <td><a href="#" class="reorder-down ktAction ktMoveDown"> </a></td> |