From d72e861dfe4d743373fa8e90bfefe3b77e214b78 Mon Sep 17 00:00:00 2001
From: Stephen Abello <stephen.abello@combodo.com>
Date: Mon, 19 May 2025 14:51:12 +0200
Subject: [PATCH] =?UTF-8?q?N=C2=B08315=20-=20Security=20hardening?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../itop-portal-base/portal/src/Helper/BrowseBrickHelper.php    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/datamodels/2.x/itop-portal-base/portal/src/Helper/BrowseBrickHelper.php b/datamodels/2.x/itop-portal-base/portal/src/Helper/BrowseBrickHelper.php
index 405051fba..f9d3006e8 100644
--- a/datamodels/2.x/itop-portal-base/portal/src/Helper/BrowseBrickHelper.php
+++ b/datamodels/2.x/itop-portal-base/portal/src/Helper/BrowseBrickHelper.php
@@ -513,7 +513,7 @@ class BrowseBrickHelper
 			$aItems[$sCurrentIndex] = array(
 				'level_alias' => $aCurrentRowKeys[0],
 				'id' => $aCurrentRowValues[0]->GetKey(),
-				'name' => $aCurrentRowValues[0]->Get($aLevelsProperties[$aCurrentRowKeys[0]]['name_att']),
+				'name' => utils::EscapeHtml($aCurrentRowValues[0]->Get($aLevelsProperties[$aCurrentRowKeys[0]]['name_att'])),
 				'class' => get_class($aCurrentRowValues[0]),
 				'subitems' => array(),
 				'filter_data' => $this->GetFilterData($aLevelsProperties[$aCurrentRowKeys[0]], $aCurrentRowKeys[0], $aCurrentRowValues[0]),