diff --git a/app/extensions/extensions.php b/app/extensions/extensions.php index a191c65e0a..7e5b3deffb 100644 --- a/app/extensions/extensions.php +++ b/app/extensions/extensions.php @@ -166,7 +166,7 @@ if (permission_exists('extension_export')) { echo " \n"; } - echo " "; + echo " "; echo " "; if ($paging_controls_mini != '') { echo "".$paging_controls_mini."\n"; @@ -225,19 +225,19 @@ $ext_ids[] = 'checkbox_'.$row['extension_uuid']; } if ($_GET['show'] == "all" && permission_exists('extension_all')) { - echo " ".$_SESSION['domains'][$row['domain_uuid']]['domain_name']."\n"; + echo " ".escape($_SESSION['domains'][$row['domain_uuid']]['domain_name'])."\n"; } echo " "; if (permission_exists('extension_edit')) { - echo "".$row['extension'].""; + echo "".escape($row['extension']).""; } else { - echo $row['extension']; + echo escape($row['extension']); } echo "\n"; - echo " ".$row['call_group']." \n"; + echo " ".escape($row['call_group'])." \n"; //echo " ".$row['voicemail_mail_to']." \n"; - echo " ".$row['user_context']."\n"; + echo " ".escape($row['user_context'])."\n"; if (permission_exists('extension_registered')) { echo " "; @@ -266,8 +266,8 @@ echo " \n"; } - echo " ".ucwords($row['enabled'])."\n"; - echo " ".$row['description']." \n"; + echo " ".escape(ucwords($row['enabled']))."\n"; + echo " ".escape($row['description'])." \n"; echo " "; if (permission_exists('extension_edit')) {