diff --git a/includes/html/pages/notifications.inc.php b/includes/html/pages/notifications.inc.php index 0a172be326..13ea55b52c 100644 --- a/includes/html/pages/notifications.inc.php +++ b/includes/html/pages/notifications.inc.php @@ -84,7 +84,7 @@ if ($notifications['count'] > 0 && ! isset($vars['archive'])) { $class = $notif['severity'] == 2 ? 'text-danger' : 'text-warning'; echo "

"; - echo " ${notif['title']}"; + echo " " . htmlentities($notif['title']) . ''; echo ""; if ($notif['user_id'] != Auth::id()) { @@ -125,7 +125,7 @@ if ($notifications['count'] > 0 && ! isset($vars['archive'])) { } elseif ($notif['severity'] == 2) { $class = 'text-danger'; } - echo "

${notif['title']}"; + echo "

" . htmlentities($notif['title']) . ""; if (Auth::user()->hasGlobalAdmin()) { echo ''; @@ -168,7 +168,7 @@ if ($notifications['count'] > 0 && ! isset($vars['archive'])) { } elseif ($notif['severity'] == 2) { echo ' class="text-danger"'; } - echo " id='${notif['notifications_id']}'>${notif['title']}"; + echo " id='${notif['notifications_id']}'>" . htmlentities($notif['title']); if (Auth::user()->isAdmin()) { echo '';