Fixed vulnerability

- Persistent XSS through the thread title fixed
2014-01-08 16:57:00 +01:00 · 2014-01-08 16:57:00 +01:00 · 9eb5b7ffb7
parent 6e842da5bc
commit 9eb5b7ffb7
1 changed files with 1 additions and 1 deletions
--- a/app/View/Threads/view.ctp
+++ b/app/View/Threads/view.ctp
@ -1,5 +1,5 @@
 <div class="threads view">
-	<h3><?php echo $thread_title; ?></h3>
+	<h3><?php echo h($thread_title); ?></h3>
 <?php
 	echo $this->element('eventdiscussion');
 ?>