From 99569a34352fc4e430d510d733879d8c48f73042 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Tue, 6 Dec 2022 11:15:51 +0100
Subject: [PATCH] fix possible xss attack

---
 views/bootstrap/class.TriggerWorkflow.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/views/bootstrap/class.TriggerWorkflow.php b/views/bootstrap/class.TriggerWorkflow.php
index 0cc18bd70..e1907061f 100644
--- a/views/bootstrap/class.TriggerWorkflow.php
+++ b/views/bootstrap/class.TriggerWorkflow.php
@@ -104,7 +104,7 @@ $(document).ready(function() {
 				'required'=>false
 			)
 		);
-		$this->formSubmit(getMLText("action_".strtolower($action->getName()), array(), $action->getName()));
+		$this->formSubmit(getMLText("action_".strtolower($action->getName()), array(), htmlspecialchars($action->getName())));
 ?>
 	</form>
 <?php