[FIX] Potential XSS

2013-11-27 13:27:56 +01:00 · 2013-11-27 13:27:56 +01:00 · a35bb0d4cd
commit a35bb0d4cd
parent f7adadc2da
1 changed files with 1 additions and 1 deletions
--- a/public/templates/mpos/statistics/pool/contributors_shares.tpl
+++ b/public/templates/mpos/statistics/pool/contributors_shares.tpl
@ -24,7 +24,7 @@
      <tr>
        <td align="center">n/a</td>
        <td align="right">{if $GLOBAL.userdata.donate_percent > 0}<i class="icon-star-empty"></i>{/if}</td>
-        <td>{$GLOBAL.userdata.username}</td>
+        <td>{$GLOBAL.userdata.username|escape}</td>
        <td align="right" style="padding-right: 25px;">{$GLOBAL.userdata.shares.valid|number_format}</td>
      </tr>
 {/if}