From 25ae16b169da0a58c600da19c70bd38efdde90ed Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@osticket.com>
Date: Tue, 21 Jul 2015 15:00:09 +0000
Subject: [PATCH] bug: Encode choices options on render

This pull request addresses a potential XSS vulnerability caused by
unsanitized user input in the field configuration.
---
 include/class.forms.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/class.forms.php b/include/class.forms.php
index e926ae07a..46d9600cc 100644
--- a/include/class.forms.php
+++ b/include/class.forms.php
@@ -3169,7 +3169,7 @@ class ChoicesWidget extends Widget {
                 continue; ?>
             <option value="<?php echo $key; ?>" <?php
                 if (isset($values[$key])) echo 'selected="selected"';
-            ?>><?php echo $name; ?></option>
+            ?>><?php echo Format::htmlchars($name); ?></option>
         <?php
         }
     }
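Review bot: `$key` is still echoed raw into the `value="..."` attribute on the `<option>` line of this hunk, and the matching line in the second hunk (the optgroup loop) has the same gap; the commit encodes only `$name`. If choice keys can come from the same field configuration as the labels, which is not visible here, a key containing a double quote would end the attribute early and the rest would be parsed as markup. I would change both lines to `<option value="<?php echo Format::htmlchars($key); ?>" <?php`, after confirming that `Format::htmlchars` encodes quotes as well as angle brackets. The enclosing render method starts and ends outside both hunks, so other output of the same values could not be checked.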
@@ -3182,7 +3182,7 @@ class ChoicesWidget extends Widget {
                     continue; ?>
             <option value="<?php echo $key; ?>" <?php
                 if (isset($values[$key])) echo 'selected="selected"';
-            ?>><?php echo $name; ?></option>
+            ?>><?php echo Format::htmlchars($name); ?></option>
 <?php       } ?>
             </optgroup><?php
         }
-- 
GitLab