From bde84e40a8da43171c1aa2a19fc7e11a96b4ec85 Mon Sep 17 00:00:00 2001
From: Jamie Cameron <jcameron@webmin.com>
Date: Wed, 14 May 2014 12:59:34 -0700
Subject: [PATCH] Fix XSS in webmin search

---
 webmin_search.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webmin_search.cgi b/webmin_search.cgi
index 456b42efb..558c0984a 100755
--- a/webmin_search.cgi
+++ b/webmin_search.cgi
@@ -12,7 +12,7 @@ do 'webmin-search-lib.pl';
 $prod = &get_product_name();
 $ucprod = ucfirst($prod);
 &ui_print_unbuffered_header(undef,
-	$in{'title'} || &text('wsearch_title', $ucprod), "", undef, 0, 1);
+	&html_escape($in{'title'}) || &text('wsearch_title', $ucprod), "", undef, 0, 1);
 
 # Validate search text
 $re = $in{'search'};