From e49f94d02e7a292bf7466750685bee46770e1d3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?=
 <marcosgdf@gmail.com>
Date: Sun, 5 Jan 2014 04:52:45 +0100
Subject: [PATCH] Fixed XSS problem in title tag

---
 htdocs/main.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index e8342224c4b..1ec90826662 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -968,7 +968,7 @@ function top_htmlhead($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs
         $appli='Dolibarr';
         if (!empty($conf->global->MAIN_APPLICATION_TITLE)) $appli=$conf->global->MAIN_APPLICATION_TITLE;
 
-        if ($title) print '<title>'.$appli.' - '.$title.'</title>';
+        if ($title) print '<title>'.$appli.' - '.htmlentities($title).'</title>';
         else print "<title>".$appli."</title>";
         print "\n";