From 1aeb19539f288628718622888b68a27266700202 Mon Sep 17 00:00:00 2001
From: Mike Koch
Date: Thu, 22 Jan 2015 23:40:09 -0500
Subject: [PATCH] Closes #118 Fix critical XSS vulnerability
---
admin/admin_ticket.php | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php
index 38eaacb7..27e4736c 100644
--- a/admin/admin_ticket.php
+++ b/admin/admin_ticket.php
@@ -859,7 +859,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 '.$hesklang['open_action'].'';
 }
- $linkText = 'new_ticket.php?name='.$ticket['name'].'&email='.$ticket['email'].'&catid='.$category['id'].'&priority='.$ticket['priority'];
+ $strippedName = strip_tags($ticket['name']);
+ $strippedEmail = strip_tags($ticket['email']);
+ $linkText = 'new_ticket.php?name='.$strippedName.'&email='.$strippedEmail.'&catid='.$category['id'].'&priority='.$ticket['priority'];
 foreach ($hesk_settings['custom_fields'] as $k=>$v) { if ($v['use'] == 1)
@@ -871,7 +873,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 } else { $value = $ticket[$k];
 }
- $linkText .= '&c_'.$k.'='.$value;
+ $strippedCustomField = strip_tags($value);
+ $linkText .= '&c_'.$k.'='.$strippedCustomField;
 } }
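Review bot: `strip_tags()` on the three new lines is the wrong escaping primitive for values that are placed in a query string inside an `href` — it removes `<...>` sequences but leaves `"`, `'`, `&`, `=` and `#` untouched, so a ticket name such as `" onmouseover="alert(1)` survives intact and can still terminate the attribute, and a stray `&` can inject extra parameters into `new_ticket.php`. It is also lossy: a legitimate name containing `<` is silently truncated rather than preserved. Encode for the URL context instead, e.g. `$linkText = 'new_ticket.php?name='.rawurlencode($ticket['name']).'&email='.rawurlencode($ticket['email']).'&catid='.(int)$category['id'].'&priority='.(int)$ticket['priority'];`, and make sure the line that echoes `$linkText` (outside this hunk) passes it through `htmlspecialchars()` when writing it into the attribute. The `(int)` casts are a suggestion only; I cannot see from the hunk whether `$category['id']` and `$ticket['priority']` are guaranteed numeric upstream. The enclosing block starts and ends outside the hunk.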
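Review bot: The same gap applies to `strip_tags($value)` on the added line of the second hunk — the custom-field value is appended to a URL query string, and `strip_tags()` leaves `&`, `=`, quotes and `#` in place, so a stored value can still break the parameter list or the surrounding attribute. Use `$linkText .= '&c_'.$k.'='.rawurlencode($value);` and drop the intermediate variable. `$k` is also concatenated raw; it comes from the keys of `$hesk_settings['custom_fields']`, which looks like configuration rather than user input, so that is probably fine but worth confirming. The enclosing `foreach` starts outside the hunk.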