XXS fixes, as in stable

[squirrelmail.git] / functions / imap_search.php

diff --git a/functions/imap_search.php b/functions/imap_search.php
index 934bce16bf4e3ba70887d02e9b7464ea7a1ffaa9..52731ab615b056f737f34ca1cb13c65cc234aaec 100644 (file)
--- a/functions/imap_search.php
+++ b/functions/imap_search.php
@@ -102,7 +102,7 @@ function sqimap_search($imapConnection, $search_where, $search_what, $mailbox,
         if (strstr($errors,'* SEARCH')) {
             return array();
         }
-        echo "<!-- $errors -->";
+        echo '<!-- '.htmlspecialchars($errors) .' -->';
     }