From fabe39381cad5bfe5ef9672457d5ee5fe9907c25 Mon Sep 17 00:00:00 2001
From: Gianluca Sforna
Date: Wed, 16 Jan 2008 23:43:56 +0000
Subject: [PATCH] Fix 8756: "Most active bugs" summary XSS vulnerability
git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/branches/BRANCH_1_1_0@4896 f5dc347c-c33d-0410-90a0-b07cc1902cb9
---
 core/summary_api.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/summary_api.php b/core/summary_api.php
index 8e642349ff..fc4ab8e9b4 100644
--- a/core/summary_api.php
+++ b/core/summary_api.php
@@ -322,7 +322,7 @@ function summary_print_by_activity() {
 if ( $t_count++ == 10 ) break;
 $t_bugid = string_get_bug_view_link( $row['id'] );
- $t_summary = $row['summary'];
+ $t_summary = string_html_specialchars( $row['summary'] );
 $t_notescount = $row['count'];
 print "\n";
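Review bot: The escaping of `$t_summary` happens at the assignment, but the `print` statements that write it into the page are outside this hunk, so it cannot be confirmed from here that every use is in HTML element context rather than inside an attribute or script. A one-line comment at the assignment, such as `# summary is user-supplied text; escape it before it is written into the table row`, would keep a later refactor from reintroducing the raw value. Other functions in core/summary_api.php that print `$row['summary']` are not visible in this diff and should be checked for the same missing escape. If the project's single-line display helper `string_display_line()` is available on this branch, using it here would keep summary output consistent with the other views; a regression test with a summary containing markup characters would pin the fix.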