From d843603ad6959f6dd17a0f045f70d1c0f78b9e1d Mon Sep 17 00:00:00 2001
From: Kevin Traa <ketra90@gmail.com>
Date: Wed, 19 Jun 2024 11:23:07 +0200
Subject: [PATCH] Update _filter_advanced.tt

Prevent XSS attack by sanitizing the content of the textbox.
---
 templates/_filter_advanced.tt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/_filter_advanced.tt b/templates/_filter_advanced.tt
index 8b72878e4..0cc6e284e 100644
--- a/templates/_filter_advanced.tt
+++ b/templates/_filter_advanced.tt
@@ -5,4 +5,4 @@ rows="5"
 wrap="hard"
 name="[% paneprefix %]q"[% DEFAULT disabled = 0; IF disabled %] disabled[% END %]
 onfocus="initAutoCompleteQuery(this, queryCodeCompletions)"
->[% content %]</textarea>
\ No newline at end of file
+>[% content | html %]</textarea>