From d39ac5de2fc6565f1c4f7cc84ab1c5b0841584ab Mon Sep 17 00:00:00 2001
From: Ingmar Schlecht <ingmar.schlecht@typo3.org>
Date: Sun, 20 Apr 2008 11:50:51 +0000
Subject: [PATCH] Fixed bug #8019: missing htmlspecialchars() in adminPanel

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@3596 709f56b5-9817-0410-a4d7-c38de5d9e867
---
 ChangeLog                            | 1 +
 t3lib/class.t3lib_tsfebeuserauth.php | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 1d8549555f63..58a145bd5b7e 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,7 @@
 2008-04-20  Ingmar Schlecht  <ingmar@typo3.org>
 
 	* Fixed bug #8138: Search in Loaded Extensions not working (Thanks to Steffen Kamper)
+	* Fixed bug #8019: missing htmlspecialchars() in adminPanel (Thanks to Steffen Kamper)
 
 2008-04-20  Ingo Renner  <ingo@typo3.org>
 
diff --git a/t3lib/class.t3lib_tsfebeuserauth.php b/t3lib/class.t3lib_tsfebeuserauth.php
index 3a4fcbb3285d..8f78b6d9e0f0 100755
--- a/t3lib/class.t3lib_tsfebeuserauth.php
+++ b/t3lib/class.t3lib_tsfebeuserauth.php
@@ -336,7 +336,7 @@ $query.'
 			$depth = $this->extGetFeAdminValue('cache','clearCacheLevels');
 			$outTable = '';
 			$this->extPageInTreeInfo = array();
-			$this->extPageInTreeInfo[] = array($GLOBALS['TSFE']->page['uid'],$GLOBALS['TSFE']->page['title'],$depth+1);
+			$this->extPageInTreeInfo[] = array($GLOBALS['TSFE']->page['uid'],htmlspecialchars($GLOBALS['TSFE']->page['title']),$depth+1);
 			$this->extGetTreeList($GLOBALS['TSFE']->id, $depth,0,$this->getPagePermsClause(1));
 			reset($this->extPageInTreeInfo);
 			while(list(,$row)=each($this->extPageInTreeInfo)) {
@@ -377,7 +377,7 @@ $query.'
 			$depth = $this->extGetFeAdminValue('publish','levels');
 			$outTable = '';
 			$this->extPageInTreeInfo = array();
-			$this->extPageInTreeInfo[] = array($GLOBALS['TSFE']->page['uid'],$GLOBALS['TSFE']->page['title'],$depth+1);
+			$this->extPageInTreeInfo[] = array($GLOBALS['TSFE']->page['uid'],htmlspecialchars($GLOBALS['TSFE']->page['title']),$depth+1);
 			$this->extGetTreeList($GLOBALS['TSFE']->id, $depth,0,$this->getPagePermsClause(1));
 			reset($this->extPageInTreeInfo);
 			while(list(,$row)=each($this->extPageInTreeInfo)) {
-- 
2.20.1