From a8a6e2b248ebc072f575638f32b522d33b3160bb Mon Sep 17 00:00:00 2001
From: ovclas <ovclas@gmail.com>
Date: Wed, 29 Feb 2012 08:29:51 +0000
Subject: [PATCH] issue 1353 xss defense in member info page

git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@10270 201d5d3c-b55e-5fd7-737f-ddc643e51545
---
 modules/member/member.model.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/member/member.model.php b/modules/member/member.model.php
index 524d545cd..6b98e94ac 100644
--- a/modules/member/member.model.php
+++ b/modules/member/member.model.php
@@ -254,7 +254,7 @@
 
 				// XSS defence
 				$oSecurity = new Security($info);
-				$oSecurity->encodeHTML('user_name', 'nick_name', 'address.');
+				$oSecurity->encodeHTML('user_name', 'nick_name', 'address.', 'group_list.');
 
                 if($extra_vars)
 				{