From ce66759a422384d4b7af6ff6b3ed0ed1e243f68c Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Fri, 12 Oct 2012 13:46:19 +0200
Subject: [PATCH] Sanitize user input

---
 3rdparty/fullcalendar/js/fullcalendar.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/3rdparty/fullcalendar/js/fullcalendar.js b/3rdparty/fullcalendar/js/fullcalendar.js
index 314f8c8a1a..bd5938cd00 100644
--- a/3rdparty/fullcalendar/js/fullcalendar.js
+++ b/3rdparty/fullcalendar/js/fullcalendar.js
@@ -4662,7 +4662,7 @@ function DayEventRenderer() {
 					"</span>";
 			}
 			html +=
-				"<span class='fc-event-title'>" + event.title + "</span>" +
+				"<span class='fc-event-title'>" + htmlEscape(event.title) + "</span>" +
 				"</div>";
 			if (seg.isEnd && isEventResizable(event)) {
 				html +=
@@ -5220,5 +5220,5 @@ function HorizontalPositionCache(getElement) {
 	};
 	
 }
-
+
 })(jQuery);
-- 
GitLab