From 8b431a881e89b632c291e8db1dc7a1435bdc8688 Mon Sep 17 00:00:00 2001
From: Steve Lime
Date: Wed, 17 Apr 2019 09:58:44 -0500
Subject: [PATCH] Fix potential XSS issue with [layers] tag.
---
 maptemplate.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/maptemplate.c b/maptemplate.c
index 972e32d999..400911960a 100644
--- a/maptemplate.c
+++ b/maptemplate.c
@@ -3671,7 +3671,9 @@ static char *processLine(mapservObj *mapserv, char *instr, FILE *stream, int mod
 strlcat(repstr, " ", sizeof(repstr));
 }
 msStringTrimBlanks(repstr);
- outstr = msReplaceSubstring(outstr, "[layers]", repstr);
+ encodedstr = msEncodeHTMLEntities(repstr);
+ outstr = msReplaceSubstring(outstr, "[layers]", encodedstr);
+ free(encodedstr);

 encodedstr = msEncodeUrl(repstr);
 outstr = msReplaceSubstring(outstr, "[layers_esc]", encodedstr);
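Review bot: The result of `msEncodeHTMLEntities(repstr)` is passed to `msReplaceSubstring` unchecked on the added lines. The encoder's definition is not in this hunk, but if it can return NULL on allocation failure, the substitution would receive a NULL replacement. I would fail closed rather than fall back to the raw string, e.g. `outstr = msReplaceSubstring(outstr, "[layers]", encodedstr ? encodedstr : "");`. The existing `msEncodeUrl` call in the context lines follows the same unchecked pattern. It is also worth a comment above the new lines such as `/* [layers] is entity-encoded for HTML text/attribute context only; templates that place it in a URL should use [layers_esc] */`, since entity encoding does not make the value safe inside a script block or an unquoted attribute. The body of processLine starts and ends outside this hunk, so how `repstr` is filled cannot be confirmed from here.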