Merge pull request #1163 from KyraD/patch-2

Fix Additional XSS Vulnerability In "tpl.inc.php"

Reviewed-By: Peter Rotich <peter@osticket.com>

include/staff/tpl.inc.php

@@ -108,7 +108,7 @@ $tpl=$msgtemplates[$selected];
     <input type="hidden" name="draft_id" value=""/>
     <textarea name="body" cols="21" rows="16" style="width:98%;" wrap="soft"
         data-toolbar-external="#toolbar"
-        class="richtext draft" data-draft-namespace="tpl.<?php echo $selected; ?>"
+        class="richtext draft" data-draft-namespace="tpl.<?php echo Format::htmlchars($selected); ?>"
         data-draft-object-id="<?php echo $tpl_id; ?>"><?php echo $info['body']; ?></textarea>
 </div>