From 9eb5b7ffb7a5fc8f8fe8c0fe40f070dd92d05b6f Mon Sep 17 00:00:00 2001
From: iglocska <andras.iklody@gmail.com>
Date: Wed, 8 Jan 2014 16:57:00 +0100
Subject: [PATCH] Fixed vulnerability

- Persistent XSS through the thread title fixed
---
 app/View/Threads/view.ctp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/View/Threads/view.ctp b/app/View/Threads/view.ctp
index a589df258..6bd0970c2 100644
--- a/app/View/Threads/view.ctp
+++ b/app/View/Threads/view.ctp
@@ -1,5 +1,5 @@
 <div class="threads view">
-	<h3><?php echo $thread_title; ?></h3>
+	<h3><?php echo h($thread_title); ?></h3>
 <?php
 	echo $this->element('eventdiscussion');
 ?>