apply htmlspecialchars() on converter cmds

This commit is contained in:
Uwe Steinmann 2014-01-08 06:37:07 +01:00
parent 2d4ded2d0f
commit 5af3ceef36

View File

@ -525,7 +525,7 @@ if(!is_writeable($settings->_configFilePath)) {
?>
<tr title="<?php echo $mimetype;?>">
<td><?php echo $mimetype;?>:</td>
<td><input type="text" name="converters[<?php echo $mimetype;?>]" value="<?php echo $cmd ?>" size="100" /></td>
<td><input type="text" name="converters[<?php echo $mimetype;?>]" value="<?php echo htmlspecialchars($cmd) ?>" size="100" /></td>
</tr>
<?php
}