diff --git a/core/modules/system/system.admin.inc b/core/modules/system/system.admin.inc index a45a0e3..766d3ee 100644 --- a/core/modules/system/system.admin.inc +++ b/core/modules/system/system.admin.inc @@ -893,7 +893,7 @@ function system_modules($form, $form_state = array()) { foreach (element_children($form['modules']) as $package) { $form['modules'][$package] += array( '#type' => 'fieldset', - '#title' => t($package), + '#title' => check_plain(t($package)), '#collapsible' => TRUE, '#theme' => 'system_modules_fieldset', '#header' => array( @@ -958,13 +958,13 @@ function _system_modules_build_row($info, $extra) { ); // Set the basic properties. $form['name'] = array( - '#markup' => $info['name'], + '#markup' => check_plain($info['name']), ); $form['description'] = array( - '#markup' => t($info['description']), + '#markup' => filter_xss_admin(t($info['description'])), ); $form['version'] = array( - '#markup' => $info['version'], + '#markup' => check_plain($info['version']), ); $form['#requires'] = $extra['requires']; $form['#required_by'] = $extra['required_by']; @@ -2721,13 +2721,13 @@ function theme_system_themes_page($variables) { $screenshot = $theme->screenshot ? theme('image', $theme->screenshot) : '
' . t('no screenshot') . '
'; // Localize the theme description. - $description = t($theme->info['description']); + $description = filter_xss_admin(t($theme->info['description'])); // Style theme info $notes = count($theme->notes) ? ' (' . join(', ', $theme->notes) . ')' : ''; $theme->classes[] = 'theme-selector'; $theme->classes[] = 'clearfix'; - $output .= '
' . $screenshot . '

' . $theme->info['name'] . ' ' . (isset($theme->info['version']) ? $theme->info['version'] : '') . $notes . '

' . $description . '
'; + $output .= '
' . $screenshot . '

' . check_plain($theme->info['name']) . ' ' . (isset($theme->info['version']) ? check_plain($theme->info['version']) : '') . $notes . '

' . $description . '
'; // Make sure to provide feedback on compatibility. if (!empty($theme->incompatible_core)) {