From 92b5222295d6d1a8f49fe688a822922f8372b7d2 Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Tue, 20 Jan 2015 22:40:39 +0100
Subject: [ticket/13527] Apply htmlspecialchars() to data from version server.

PHPBB3-13527
---
 phpBB/includes/acp/acp_update.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'phpBB/includes/acp/acp_update.php')

diff --git a/phpBB/includes/acp/acp_update.php b/phpBB/includes/acp/acp_update.php
index 7d16a46916..87d5c51b56 100644
--- a/phpBB/includes/acp/acp_update.php
+++ b/phpBB/includes/acp/acp_update.php
@@ -34,7 +34,7 @@ class acp_update
 		$this->page_title = 'ACP_VERSION_CHECK';
 
 		// Get current and latest version
-		$info = obtain_latest_version_info(request_var('versioncheck_force', false));
+		$info = htmlspecialchars(obtain_latest_version_info(request_var('versioncheck_force', false)));
 
 		if (empty($info))
 		{
-- 
cgit v1.2.1