Fixed bug #10298: Various XSS issues in the BE user admin module
[Packages/TYPO3.CMS.git] / typo3 / alt_intro.php
index b5ad0ad..9b5ea60 100755 (executable)
@@ -134,8 +134,8 @@ class SC_alt_intro {
                $this->content.='<p class="c-user">'.
                                htmlspecialchars($LANG->getLL('userInfo')).
                                sprintf(' <strong>%s</strong> (%s)',
                $this->content.='<p class="c-user">'.
                                htmlspecialchars($LANG->getLL('userInfo')).
                                sprintf(' <strong>%s</strong> (%s)',
-                                               $BE_USER->user['username'],
-                                               (implode(', ',array($BE_USER->user['realName'],$BE_USER->user['email'])))
+                                               htmlspecialchars($BE_USER->user['username']),
+                                               htmlspecialchars(implode(', ',array($BE_USER->user['realName'],$BE_USER->user['email'])))
                                                ).
                                '</p>
                                <br />
                                                ).
                                '</p>
                                <br />