From fab23cec2b253daafc68e5b1f5510791aa0f12eb Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 13 Aug 2019 21:12:24 +0200
Subject: [PATCH] [Web] Fix XSS in call field

---
 data/web/js/site/debug.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/web/js/site/debug.js b/data/web/js/site/debug.js
index ca3e2eaf..ddf7e0cb 100644
--- a/data/web/js/site/debug.js
+++ b/data/web/js/site/debug.js
@@ -572,6 +572,7 @@ jQuery(function($){
         } else {
           item.message = escapeHtml(item.message);
         }
+        item.call = escapeHtml(item.call);
         var danger_class = ["emerg", "alert", "crit", "err"];
         var warning_class = ["warning", "warn"];
         var info_class = ["notice", "info", "debug"];