KTS-2178

"cross site scripting" Implemented. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6992 c91229c3-7414-0410-bfa2-8a42b809f60b

KTS-2178
"cross site scripting" Implemented. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6992 c91229c3-7414-0410-bfa2-8a42b809f60b
conradverm
1 parent b8820359
Showing 1 changed file with 1 additions and 1 deletions
templates/ktcore/search/administration/savedsearches.smarty
@@ -31,7 +31,7 @@ newsletters, etc.) based on a category or fieldset value.{/i18n}&lt;/p&gt;
 <tbody>
 {foreach item=oSearch from=$saved_searches}
     <tr>
-        <td>{$oSearch->getName()}</td>
+        <td>{$oSearch->getName()|sanitize}</td>
 	{capture assign=iUserId}{$oSearch->getUserId()}{/capture}
 	<td>{if ($iUserId === '')}Global{else}{$context->_getUserName($iUserId)}{/if}</td>
         <td><a href="{addQS}action=edit&fSavedSearchId={$oSearch->getId()}{/addQS}" class="ktAction ktEdit">{i18n}Edit{/i18n}</a></td>