From f84f17a5bed4f792a26b88d2f1230865c3ebd026 Mon Sep 17 00:00:00 2001
From: Denis Flaven
Date: Thu, 30 Jul 2015 09:05:48 +0000
Subject: [PATCH] Fixed a potential XSS vulnerability. SVN:trunk[3662]
---
 application/dashboard.class.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/application/dashboard.class.inc.php b/application/dashboard.class.inc.php
index 7783aef6a..c12fe7ab6 100644
--- a/application/dashboard.class.inc.php
+++ b/application/dashboard.class.inc.php
@@ -312,7 +312,7 @@ abstract class Dashboard
 public function Render($oPage, $bEditMode = false, $aExtraParams = array())
 {
- $oPage->add('

'.Dict::S($this->sTitle).'

');
+ $oPage->add('

'.htmlentities(Dict::S($this->sTitle), ENT_QUOTES, 'UTF-8', false).'

');
 $oLayout = new $this->sLayoutClass;
 $oLayout->Render($oPage, $this->aCells, $bEditMode, $aExtraParams);
 if (!$bEditMode)
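Review bot: The fourth argument `false` in the added `htmlentities(...)` call disables double-encoding, so an entity already present in the title passes through as-is and the page no longer shows the stored value literally. Unless `Dict::S()` is known to return pre-encoded strings (not visible here), `htmlspecialchars(Dict::S($this->sTitle), ENT_QUOTES, 'UTF-8')` with the default double-encoding is the stricter choice for this text context. The escaping is applied at this one sink only, so any other place outside this hunk that outputs `sTitle` would need the same treatment. Separately, the context line `$oLayout = new $this->sLayoutClass;` instantiates a class named by a property; if that name can originate from a user-editable dashboard definition, it should be checked against the expected layout types before `new`. Render's body continues outside the hunk.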