vendor/plugins/images/app/views/admin/images/index.html.erb in refinerycms-0.9.7.9 vs vendor/plugins/images/app/views/admin/images/index.html.erb in refinerycms-0.9.7.10
@@ -19,10 +19,10 @@
<% end %>
</ul>
</div>
<div id='records'>
<% if searching? %>
- <h2><%= t('admin.search_results_for', :query => params[:search]) %></h2>
+ <h2><%= t('admin.search_results_for', :query => h(params[:search])) %></h2>
<% if @images.any? %>
<%= render :partial => "#{current_image_view}_view" %>
<% else %>
<p><%= t('admin.search_no_results') %></p>
<% end %>
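Review bot: The `h()` on the `<h2>` line fixes this one call site only, yet `admin.search_results_for` is an admin-wide translation key. Any other admin index view that passes `params[:search]` into it would presumably still render the raw query. Those views are not visible in this hunk and should be checked. Moving the call into a shared helper, e.g. `def search_results_heading; t('admin.search_results_for', :query => h(params[:search])); end`, and rendering `<h2><%= search_results_heading %></h2>` would keep the escaping in one place. A view test asserting that a query containing markup comes back entity-encoded in the heading would guard against regression. The template starts and ends outside the hunk, so the surrounding `searching?` branch is only partly visible.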