From 000daf70ca8e3301b88be310949d4cd6cbadce4e Mon Sep 17 00:00:00 2001 From: Christian Weiske Date: Wed, 17 Aug 2011 18:24:26 +0200 Subject: [PATCH] Fix bug: Subtitle was not escaped --- data/templates/default/top.inc.php | 2 +- doc/ChangeLog | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/data/templates/default/top.inc.php b/data/templates/default/top.inc.php index 17ec982..f2adba4 100644 --- a/data/templates/default/top.inc.php +++ b/data/templates/default/top.inc.php @@ -49,7 +49,7 @@ if(!isset($_GET['popup'])) { '. $subtitle ."\n"; + echo '

'. htmlspecialchars($subtitle) ."

\n"; } if(DEBUG_MODE) { echo '

'. T_('Admins, your installation is in "Debug Mode" ($debugMode = true). To go in "Normal Mode" and hide debugging messages, change $debugMode to false into config.php.') ."

\n"; diff --git a/doc/ChangeLog b/doc/ChangeLog index 1c5f36f..05a6405 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -6,6 +6,7 @@ ChangeLog for SemantiScuttle 0.98.4 - 2011-XX-XX ------------------- - Fix bug: URLs were escaped too often in bookmark list +- Fix bug: Subtitle was not escaped 0.98.3 - 2011-08-09