From 68b8730c64b3a80f811fe37c8dff4bb30607ee4f Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Mon, 1 Jan 2018 18:03:25 +0100
Subject: [PATCH] - fixed reflection XSS in dns spf form

---
 interface/web/dns/dns_spf_edit.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/interface/web/dns/dns_spf_edit.php b/interface/web/dns/dns_spf_edit.php
index ca109272d8..6fb11a3021 100644
--- a/interface/web/dns/dns_spf_edit.php
+++ b/interface/web/dns/dns_spf_edit.php
@@ -108,9 +108,9 @@ class page_action extends tform_actions {
 		}
 
 		//set html-values
-		$app->tpl->setVar("spf_ip", $spf_ip);
-		$app->tpl->setVar("spf_hostname", $spf_hostname);
-		$app->tpl->setVar("spf_domain", $spf_domain);
+		$app->tpl->setVar("spf_ip", $spf_ip, true);
+		$app->tpl->setVar("spf_hostname", $spf_hostname, true);
+		$app->tpl->setVar("spf_domain", $spf_domain, true);
 		//create spf-mechanism-list
 		$spf_mechanism_value = array( 
 			'+' => 'spf_mechanism_pass_txt',
-- 
GitLab