From 597c0a4e519e14ba42c77b518a44789e3a8067b0 Mon Sep 17 00:00:00 2001
From: Cash Costello <cash.costello@gmail.com>
Date: Tue, 5 Mar 2013 07:34:18 -0500
Subject: Fixes #5165 handling html tags passed as tags

---
 views/default/output/tags.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'views/default/output/tags.php')

diff --git a/views/default/output/tags.php b/views/default/output/tags.php
index 3082dd41e..41fd5f168 100644
--- a/views/default/output/tags.php
+++ b/views/default/output/tags.php
@@ -55,6 +55,7 @@ if (!empty($vars['tags'])) {
 	$list_items = '<li>' . elgg_view_icon('tag', $icon_class) . '</li>';
 
 	foreach($vars['tags'] as $tag) {
+		$tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false);
 		if (!empty($vars['type'])) {
 			$type = "&type={$vars['type']}";
 		} else {
-- 
cgit v1.2.3