From 880b94498ab07edc0990af183c2491b89eefe066 Mon Sep 17 00:00:00 2001 From: Christian Weiske Date: Wed, 17 Aug 2011 18:24:26 +0200 Subject: Fix bug: Subtitle was not escaped --- data/templates/default/top.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'data/templates/default') diff --git a/data/templates/default/top.inc.php b/data/templates/default/top.inc.php index 17ec982..f2adba4 100644 --- a/data/templates/default/top.inc.php +++ b/data/templates/default/top.inc.php @@ -49,7 +49,7 @@ if(!isset($_GET['popup'])) { '. $subtitle ."\n"; + echo '

'. htmlspecialchars($subtitle) ."

\n"; } if(DEBUG_MODE) { echo '

'. T_('Admins, your installation is in "Debug Mode" ($debugMode = true). To go in "Normal Mode" and hide debugging messages, change $debugMode to false into config.php.') ."

\n"; -- cgit v1.2.3