From a35bb0d4cd993bcbbecdab557e8ab1e9072f723b Mon Sep 17 00:00:00 2001
From: Sebastian Grewe <sebastian@grewe.ca>
Date: Wed, 27 Nov 2013 13:27:56 +0100
Subject: [PATCH] [FIX] Potential XSS

---
 public/templates/mpos/statistics/pool/contributors_shares.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/templates/mpos/statistics/pool/contributors_shares.tpl b/public/templates/mpos/statistics/pool/contributors_shares.tpl
index 80074ca3..aedfa296 100644
--- a/public/templates/mpos/statistics/pool/contributors_shares.tpl
+++ b/public/templates/mpos/statistics/pool/contributors_shares.tpl
@@ -24,7 +24,7 @@
       <tr>
         <td align="center">n/a</td>
         <td align="right">{if $GLOBAL.userdata.donate_percent > 0}<i class="icon-star-empty"></i>{/if}</td>
-        <td>{$GLOBAL.userdata.username}</td>
+        <td>{$GLOBAL.userdata.username|escape}</td>
         <td align="right" style="padding-right: 25px;">{$GLOBAL.userdata.shares.valid|number_format}</td>
       </tr>
 {/if}