From 160129879a39d7129fb5c5f27279c112a94ad284 Mon Sep 17 00:00:00 2001
From: qw5414 <sosifam@070805.co.kr>
Date: Thu, 18 Feb 2016 16:49:15 +0900
Subject: [PATCH] =?UTF-8?q?=EC=AA=BD=EC=A7=80=20=EB=B0=9C=EC=86=A1?=
 =?UTF-8?q?=EC=8B=9C=20=EC=9D=B4=EB=A9=94=EC=9D=BC=EB=A1=9C=20=ED=97=98?=
 =?UTF-8?q?=EA=B9=A8=20=EB=B0=9C=EC=86=A1=EB=90=98=EB=8A=94=20=EC=BD=98?=
 =?UTF-8?q?=ED=85=90=EC=B8=A0=EC=9D=98=20=ED=95=84=ED=84=B0=EB=A7=81=20?=
 =?UTF-8?q?=EB=B3=B4=EC=B6=A9=20=EC=B6=94=EA=B0=80=20(xe1.8.16)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 modules/communication/communication.controller.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/communication/communication.controller.php b/modules/communication/communication.controller.php
index f77b3e05f..452c61afc 100644
--- a/modules/communication/communication.controller.php
+++ b/modules/communication/communication.controller.php
@@ -130,7 +130,7 @@ class communicationController extends communication
 			$view_url = Context::getRequestUri();
 			$content = sprintf("%s<br /><br />From : <a href=\"%s\" target=\"_blank\">%s</a>", $content, $view_url, $view_url);
 			$oMail = new Mail();
-			$oMail->setTitle($title);
+			$oMail->setTitle(htmlspecialchars($title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
 			$oMail->setContent(utf8_mbencode(removeHackTag($content)));
 			$oMail->setSender($logged_info->nick_name, $logged_info->email_address);
 			$oMail->setReceiptor($receiver_member_info->nick_name, $receiver_member_info->email_address);