Fix XSS issues

1 files changed, 2 insertions, 2 deletions

diff --git a/usr/local/www/interfaces_groups_edit.php b/usr/local/www/interfaces_groups_edit.php
index 194dfa0..4196ad8 100755
--- a/usr/local/www/interfaces_groups_edit.php
+++ b/usr/local/www/interfaces_groups_edit.php
@@ -251,7 +251,7 @@ function removeRow(el) {
   <tr>
     <td valign="top" class="vncellreq"><?=gettext("Group Name");?></td>
     <td class="vtable">
-	<input class="formfld unknown" name="ifname" id="ifname" value="<?=$pconfig['ifname'];?>" />
+	<input class="formfld unknown" name="ifname" id="ifname" value="<?=htmlspecialchars($pconfig['ifname']);?>" />
 	<br />
 	<?=gettext("No numbers or spaces are allowed. Only characters in a-zA-Z");?>
     </td>
@@ -259,7 +259,7 @@ function removeRow(el) {
   <tr>
     <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td>
     <td width="78%" class="vtable">
-      <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
+      <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" />
       <br />
       <span class="vexpl">
         <?=gettext("You may enter a description here for your reference (not parsed).");?>