From ab74f9316a0e5c80f5099921f62fc6c1f832268c Mon Sep 17 00:00:00 2001
From: sgiehl
Date: Sat, 20 Apr 2013 15:40:31 +0200
Subject: [PATCH] refs #3813 escape html title attribute to avoid possible XSS
---
plugins/CoreHome/templates/datatable_cell.tpl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/CoreHome/templates/datatable_cell.tpl b/plugins/CoreHome/templates/datatable_cell.tpl
index 0ecb4bd04c5..8cf4addfbe7 100644
--- a/plugins/CoreHome/templates/datatable_cell.tpl
+++ b/plugins/CoreHome/templates/datatable_cell.tpl
@@ -10,7 +10,7 @@ {logoHtml metadata=$row.metadata alt=$row.columns.label} {if !empty($row.metadata.html_label_prefix)}{$row.metadata.html_label_prefix}{/if} {* make sure there are no whitespaces inside the span + {if !empty($properties.tooltip_metadata_name)}title="{$row.metadata[$properties.tooltip_metadata_name]|escape:'html'}"{/if}>{* make sure there are no whitespaces inside the span *}{if !empty($row.metadata.html_label_suffix)}{$row.metadata.html_label_suffix}{/if} {/if}{* *}{if isset($row.columns[$column])}{$row.columns[$column]}{else}{$defaultWhenColumnValueNotDefined}{/if}{*
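Review bot: Only the `title` attribute gets `|escape:'html'`; the context lines of the same hunk still print `{$row.metadata.html_label_prefix}`, `{$row.metadata.html_label_suffix}` and `{$row.columns[$column]}` with no modifier. If any of these can carry visitor-supplied text that is not already encoded before it reaches the template, they need the same treatment, e.g. `{$row.columns[$column]|escape:'html'}`; if they are encoded or deliberately HTML upstream, a template comment such as `{* label prefix/suffix are trusted HTML built by the report; column values are encoded before rendering *}` would record that. The same question applies in reverse to the new line: should the tooltip metadata already be entity-encoded upstream, the added modifier would double-encode it and the tooltip would show literal entities, so it is worth checking with a value containing `&`. The enclosing `{if}` block starts before the hunk, and this copy of the hunk appears to have lost its HTML tags, so the surrounding markup could not be checked.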