X-Git-Url: https://ruin.nu/git/?a=blobdiff_plain;f=ND%2FWeb%2FForum.pm;h=a7804744ddf7bab6a02e944e14d2e742c12ba463;hb=f95cb73d3dcad85f14d2609c427ecf35aaabb7a5;hp=76adfb2915560654bf96268d48d6d32751204605;hpb=a0338ef8c49837940c009341b135fd038d8acf7a;p=ndwebbie.git

diff --git a/ND/Web/Forum.pm b/ND/Web/Forum.pm
index 76adfb2..a780474 100644
--- a/ND/Web/Forum.pm
+++ b/ND/Web/Forum.pm
@@ -58,7 +58,7 @@ ORDER BY fp.time ASC
 		my $text = parseMarkup(escapeHTML(param('message')));
 		$text .= p b $@ if $@;
 		push @posts,{message => $text, unread => 1, username => 'PREVIEW', Time => 'Not submitted yet', NewPosts => $old ? 1 : 0};
-		$template->param(Message => param('message'));
+		$template->param(Message => escapeHTML param('message'));
 	}
 	$template->param(Posts => \@posts);