Fix XSS in Changesets List page

Backported from ff7d7b65201738eab597691021b4faae5b92d7df. Changes in repo_manage_page.php are not applicable, as the 1.x code relies on var_dump() to display the repository config, and is therefore not vulnerable to the same XSS attack vector. Fixes #286 Conflicts: Source/pages/list.php Source/pages/repo_manage_page.php
mantisbt-plugins · Sep 1, 2018 · bab22fe · bab22fe
1 parent cf5b0da
commit bab22fe
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/Source/pages/list.php b/Source/pages/list.php
@@ -26,7 +26,7 @@
 
 <div class="table-container">
 
-	<h2><?php echo plugin_lang_get( 'changesets' ), ': ', $t_repo->name ?></h2>
+	<h2><?php echo plugin_lang_get( 'changesets' ), ': ', string_display_line( $t_repo->name ) ?></h2>
 
 	<div class="right">
 		<?php