Protect against XSS by someone broadcasting an HTML SSID... (better to be safe...)

1 files changed, 1 insertions, 1 deletions

diff --git a/usr/local/www/status_wireless.php b/usr/local/www/status_wireless.php
index 0aa56ba..cc04bb3 100755
--- a/usr/local/www/status_wireless.php
+++ b/usr/local/www/status_wireless.php
@@ -115,7 +115,7 @@ display_top_tabs($tab_array);
 		/* Split by Mac address for the SSID Field */
 		$split = preg_split("/([0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f])/i", $state);
 		preg_match("/([0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f])/i", $state, $bssid);
-		$ssid = $split[0];
+		$ssid = htmlspecialchars($split[0]);
 		$bssid = $bssid[0];
 		/* Split the rest by using spaces for this line using the 2nd part */
 		$split = preg_split("/[ ]+/i", $split[1]);