Commit 216e324d authored by anthonylindsay's avatar anthonylindsay

Sanitize block title on display

parent 04b3f213
......@@ -134,7 +134,7 @@ function commerce_popular_products_block_view($delta = '') {
$block = array();
switch ($delta) {
case 'popular-product-block':
$block['subject'] = variable_get('commerce_popular_products_title');
$block['subject'] = check_plain(variable_get('commerce_popular_products_title'));
$block['content'] = commerce_popular_products_get_content();
break;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment