From d0ca8af6ee7334c6a97e13ac2dace4f02198fa84 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 7 Mar 2022 17:10:28 +0100 Subject: [PATCH] Update commande.class.php --- htdocs/commande/class/commande.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index a656c34ca79..042a1f219cd 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -3734,7 +3734,7 @@ class Commande extends CommonOrder $target_value=array('_self', '_blank', '_parent', '_top'); if (in_array($target, $target_value)) { - $linkclose .= ' target="'.$target.'"'; + $linkclose .= ' target="'.dol_escape_htmltag($target).'"'; } }