From 249d96b0bdb705aca70f8804b61b77b7c099c330 Mon Sep 17 00:00:00 2001
From: Jamie Cameron <jcameron@webmin.com>
Date: Fri, 21 Sep 2012 09:36:31 -0700
Subject: [PATCH] HTML escape search text

---
 man/search.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/man/search.cgi b/man/search.cgi
index de53b46a8..0943b4e57 100755
--- a/man/search.cgi
+++ b/man/search.cgi
@@ -282,7 +282,7 @@ if (@rv) {
 	print &ui_columns_end();
 	}
 else {
-	print "<p><b>",&text('search_none', "<tt>$in{'for'}</tt>"),"</b><p>\n";
+	print "<p><b>",&text('search_none', "<tt>".&html_escape($in{'for'})."</tt>"),"</b><p>\n";
 	}
 
 &ui_print_footer("", $text{'index_return'});