From 5084f7fccbea4898c41b0325ca4ae747a546c98c Mon Sep 17 00:00:00 2001
From: Eric Espie <eric.espie@combodo.com>
Date: Mon, 12 Jun 2023 11:33:33 +0200
Subject: [PATCH] =?UTF-8?q?N=C2=B06396=20-=20Protect=20URL=20display?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 js/components/breadcrumbs.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/js/components/breadcrumbs.js b/js/components/breadcrumbs.js
index 485ad0f14..9ffc96eeb 100644
--- a/js/components/breadcrumbs.js
+++ b/js/components/breadcrumbs.js
@@ -121,6 +121,7 @@ $(function()
 							sBreadcrumbsItemHtml += '<span class="ibo-is-current" data-role="" data-breadcrumb-entry-number="'+iEntry+'" title="'+sTitle+'">'+sIconSpec+'<span class="ibo-breadcrumbs--item-label">'+sLabel+'</span></span>';
 						} else {
 							var sSanitizedUrl = StripArchiveArgument(oEntry['url']);
+							sSanitizedUrl = CombodoSanitizer.EscapeHtml(sSanitizedUrl, false);
 							sBreadcrumbsItemHtml += '<a class="" data-role="" data-breadcrumb-entry-number="'+iEntry+'" href="'+sSanitizedUrl+'" title="'+sTitle+'">'+sIconSpec+'<span class="ibo-breadcrumbs--item-label">'+sLabel+'</span></a>';
 						}
 					}