Bug #14752

Fix bug by using the more adequant OWASP Encode method.

Author: mmoqui

core-web/src/main/java/org/silverpeas/core/web/attachment/tag/SimpleDocumentContextualMenu.java

@@ -215,7 +215,7 @@ private void buildDocumentStateActions(SimpleDocument attachment, LocalizationBu
         "switchState('" + attachment.getId() + "', " + attachment.isVersioned() + ", " +
             isLastPublicVersion + ");", message);
     prepareMenuItem(builder, "deleteAttachment('" + attachment.getId() + "','" +
-        Encode.forHtml(attachment.getFilename()) + "');", resources.getString("GML.delete"));
+        Encode.forJavaScriptAttribute(attachment.getFilename()) + "');", resources.getString("GML.delete"));
     message = resources.getString("attachment.download.allowReaders");
     boolean isDownloadAllowedForReaders = attachment.isDownloadAllowedForReaders();
     if (isDownloadAllowedForReaders) {