From 8111cac36399699278647a115e8929e1c0cf389f Mon Sep 17 00:00:00 2001
From: ovclas
Date: Fri, 10 Feb 2012 00:46:54 +0000
Subject: [PATCH] issue XSS Defense for member view in admin page

git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@10105 201d5d3c-b55e-5fd7-737f-ddc643e51545
---
 modules/member/member.admin.view.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/member/member.admin.view.php b/modules/member/member.admin.view.php
index 7262a10e6..1b65e3f96 100644
--- a/modules/member/member.admin.view.php
+++ b/modules/member/member.admin.view.php
@@ -139,10 +139,10 @@
 $disableColumns = array('password', 'find_account_question');
 Context::set('disableColumns', $disableColumns);
-
+
 $security = new Security();
 $security->encodeHTML('member_config..');
- $security->encodeHTML('memberInfo.user_name', 'memberInfo.nick_name', 'memberInfo.description','memberInfo.group_list..');
+ $security->encodeHTML('memberInfo.user_name', 'memberInfo.nick_name', 'memberInfo.find_account_answer', 'memberInfo.description','memberInfo.group_list..');
 $security->encodeHTML('extend_form_list...');
 $this->setTemplateFile('member_info');
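Review bot: The `memberInfo` escaping on the changed `$security->encodeHTML(...)` line is still a hand-maintained field list, so any other member-supplied field that the `member_info` template prints (the hunk does not show which ones it does) stays unescaped until someone adds it here. These values are set by ordinary members and rendered inside an administrator's session, so a missed field is a stored-XSS path with admin privileges. I would add a comment above the call such as `// Keep in sync with the member_info template: every memberInfo field it outputs must be listed here`, and check the template's remaining fields against this list. If the trailing-dot form used for `member_config..` covers every property of the object, encoding `memberInfo` the same way may be the safer default, provided no field is meant to carry markup. The enclosing method starts and ends outside this hunk.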