lib/views/explore/_node_info.erb in mongo3-0.0.7 vs lib/views/explore/_node_info.erb in mongo3-0.0.8

@@ -23,10 +23,10 @@
       <% next if node.data[:slave] and !zone_path?( session[:path_names] ) %> 
       <div id="<%=count%>" class="item">
         <% unless zone_path?( session[:path_names] ) %>
           <img id="<%=count%>" rel="div#confirm_drop" class="drop" href="/explore/database/<%=node.oid%>/<%=node.name%>/drop" title="drop <%=legend%>..." src="/images/delete.png"/>
         <% end %> 
-        <p rel="div#details" href="/explore/show/<%=node.data[:path_ids]%>/<%=node.data[:path_names]%>" class="info">
+        <p rel="div#details" href="/explore/show/<%=CGI.escape(node.data[:path_ids])%>/<%=CGI.escape(node.data[:path_names])%>" class="info">
           <%=truncate(node.name, 30)%>
         </p>
       </div>
     <% count+=1; end %>
   </div>
\ No newline at end of file