From 29b1c1530e7f800e09548f270a0c79d1a0ef1ad7 Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Mon, 16 Jun 2014 16:26:40 -0500
Subject: [PATCH] Fix XSS vulnerability in account registration

---
 include/client/register.inc.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/client/register.inc.php b/include/client/register.inc.php
index 9c86407a1..9c43bdf05 100644
--- a/include/client/register.inc.php
+++ b/include/client/register.inc.php
@@ -13,6 +13,7 @@ if (isset($user) && $user instanceof ClientCreateRequest) {
         'username' => $user->getUsername(),
     ));
 }
+$info = Format::htmlchars(($errors && $_POST)?$_POST:$info);
 
 ?>
 <h1>Account Registration</h1>
-- 
GitLab