From 9d85eb1b7f828e682de7fe100ba7135d53a32500 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Fri, 2 Sep 2022 10:57:47 +0200
Subject: [PATCH] Update bookmarks.lib.php

---
 htdocs/bookmarks/bookmarks.lib.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/bookmarks/bookmarks.lib.php b/htdocs/bookmarks/bookmarks.lib.php
index 72fc0a9b51e..8eef3396eaa 100644
--- a/htdocs/bookmarks/bookmarks.lib.php
+++ b/htdocs/bookmarks/bookmarks.lib.php
@@ -43,7 +43,7 @@ function printDropdownBookmarksList()
 		if (is_array($_GET)) {
 			foreach ($_GET as $key => $val) {
 				if ($val != '') {
-					$url_param[$key]=http_build_query(array($key => $val));
+					$url_param[$key]=http_build_query(array(dol_escape_htmltag($key) => dol_escape_htmltag($val)));
 				}
 			}
 		}
@@ -62,7 +62,7 @@ function printDropdownBookmarksList()
 			if ((preg_match('/^search_/', $key) || in_array($key, $authorized_var))
 				&& $val != ''
 				&& !array_key_exists($key, $url_param)) {
-				$url_param[$key]=http_build_query(array($key => $val));
+				$url_param[$key]=http_build_query(array(dol_escape_htmltag($key) => dol_escape_htmltag($val)));
 			}
 		}
 	}