From b1ef63e5bfc0d3995245b42154686db1400b2c22 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Sun, 15 Oct 2006 03:26:50 +0000
Subject: Bug 206037: [SECURITY] Fix escaping/quoting in edit*.cgi scripts -
 Patch by Frédéric Buclin <LpSolit@gmail.com> r=justdave a=justdave
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 template/en/default/bug/create/create.html.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'template/en/default/bug/create/create.html.tmpl')

diff --git a/template/en/default/bug/create/create.html.tmpl b/template/en/default/bug/create/create.html.tmpl
index eb3aea2e4..812abb075 100644
--- a/template/en/default/bug/create/create.html.tmpl
+++ b/template/en/default/bug/create/create.html.tmpl
@@ -526,7 +526,7 @@ function handleWantsAttachment(wants_attachment) {
         <input type="checkbox" id="bit-[% g.bit %]"
           name="bit-[% g.bit %]" value="1"
           [% " checked=\"checked\"" IF g.checked %]>
-          <label for="bit-[% g.bit %]">[% g.description %]</label><br>
+          <label for="bit-[% g.bit %]">[% g.description FILTER html_light %]</label><br>
       [% END %]
       <br>
     [% END %]
-- 
cgit v1.2.3-24-g4f1b