Bug 19611: Fix XSS Flaws in supplier.pl
[koha.git] / koha-tmpl / intranet-tmpl / prog / en / modules / acqui / booksellers.tt
index 50331d7..41b6912 100644 (file)
@@ -80,7 +80,7 @@ $(document).ready(function() {
             <div class="supplier">
                 <span class="suppliername">
                     [% IF (supplier.name) %]
-                        <a name="[% supplier.booksellerid %]" href="/cgi-bin/koha/acqui/supplier.pl?booksellerid=[% supplier.booksellerid %]">[% supplier.name %]</a>
+                        <a name="[% supplier.booksellerid %]" href="/cgi-bin/koha/acqui/supplier.pl?booksellerid=[% supplier.booksellerid %]">[% supplier.name |html %]</a>
                     [% ELSE %]
                         <a name="[% supplier.booksellerid %]" href="/cgi-bin/koha/acqui/supplier.pl?booksellerid=[% supplier.booksellerid %]">NO NAME</a>
                     [% END %]
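Review bot: `supplier.booksellerid` is still written unfiltered into the `name` and `href` attributes, both on the changed anchor and on the `NO NAME` anchor in the ELSE branch, so only the element text is escaped by this change. The id is presumably a numeric database key, which would make this low risk, but filtering by output context keeps the template safe if that assumption ever stops holding. I would use `name="[% supplier.booksellerid | html %]"` and `booksellerid=[% supplier.booksellerid | uri %]` on both anchors. Any other place in this template that prints `supplier.name` or other supplier free-text fields outside this hunk should get the same `| html` filter.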