Fixed XSS problem in title tag

Dolibarr · Jan 5, 2014 · e49f94d · e49f94d
1 parent 77e2d49
commit e49f94d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
@@ -968,7 +968,7 @@ function top_htmlhead($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs
         $appli='Dolibarr';
         if (!empty($conf->global->MAIN_APPLICATION_TITLE)) $appli=$conf->global->MAIN_APPLICATION_TITLE;
 
-        if ($title) print '<title>'.$appli.' - '.$title.'</title>';
+        if ($title) print '<title>'.$appli.' - '.htmlentities($title).'</title>';
         else print "<title>".$appli."</title>";
         print "\n";