From 7256d4ff91e6324f7d1b42cdf6d7f9f5d5e86cf3 Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)" <d00p@froxlor.org>
Date: Tue, 17 Dec 2013 07:57:38 +0100
Subject: [PATCH] fix possible xss-target

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
---
 admin_tickets.php    | 2 +-
 customer_tickets.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/admin_tickets.php b/admin_tickets.php
index f38311cc..59902cf6 100644
--- a/admin_tickets.php
+++ b/admin_tickets.php
@@ -376,7 +376,7 @@ if ($page == 'tickets'
 			$priorities = makeoption($lng['ticket']['high'], '1', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true);
-			$subject = $mainticket->Get('subject');
+			$subject = htmlentities($mainticket->Get('subject'));
 			$ticket_replies_count = $numrows_andere + 1;
 
 			// don't forget the main-ticket!
diff --git a/customer_tickets.php b/customer_tickets.php
index 945b0951..40ed85ad 100644
--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -326,7 +326,7 @@ if($page == 'overview') {
 			$priorities = makeoption($lng['ticket']['high'], '1', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true);
-			$subject = $mainticket->Get('subject');
+			$subject = htmlentities($mainticket->Get('subject'));
 			$ticket_replies_count = $numrows_andere + 1;
 
 			// don't forget the main-ticket!