diff --git a/core/users/users.php b/core/users/users.php index ab23d07895..b2bb1afc98 100644 --- a/core/users/users.php +++ b/core/users/users.php @@ -191,12 +191,12 @@ echo " ".$row['groups']." \n"; echo " \n"; - echo " ".$row['contact_organization']."  \n"; - echo " ".$row['contact_name_given']." ".$row['contact_name_family']."  \n"; + echo " ".escape($row['contact_organization'])."  \n"; + echo " ".escape($row['contact_name_given'])." ".escape($row['contact_name_family'])."  \n"; echo " \n"; if (permission_exists('ticket_edit')) { - echo " \n"; + echo " \n"; } echo " \n"; echo " "; @@ -209,11 +209,11 @@ echo " \n"; echo " "; if (permission_exists('user_edit')) { - echo "$v_link_label_edit"; + echo "$v_link_label_edit"; } if (permission_exists('user_delete')) { if ($_SESSION["user"]["user_uuid"] != $row['user_uuid']) { - echo "".$v_link_label_delete.""; + echo "".$v_link_label_delete.""; } else { echo "".str_replace("list_control_icon", "list_control_icon_disabled", $v_link_label_delete)."";