templates: Hopefully escape all template inputs

2025-08-02 18:20:35 +02:00
parent b94f47ed27
commit c6424f37a6
24 changed files with 116 additions and 116 deletions
--- a/src/root/queue-summary.tt
+++ b/src/root/queue-summary.tt
@@ -39,7 +39,7 @@
      [% FOREACH s IN systems %]
        <tr>
          <td><tt>[% HTML.escape(s.system) %]</tt></td>
-          <td>[% s.c %]</td>
+          <td>[% HTML.escape(s.c) %]</td>
        </tr>
      [% END %]
    </tdata>