From fb334f3c1f1ddef27ca2d8c0cd802cb667b79a8d Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Sat, 19 Jan 2013 19:57:17 +0100
Subject: Sanitize the exception

---
 core/ajax/share.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/ajax/share.php b/core/ajax/share.php
index c98a329d0f3..2f5a352c338 100644
--- a/core/ajax/share.php
+++ b/core/ajax/share.php
@@ -99,7 +99,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
 				OCP\Util::sendMail($to_address, $to_address, $subject, $text, $from_address, $user);
 				OCP\JSON::success();
 			} catch (Exception $exception) {
-				OCP\JSON::error(array('data' => array('message' => $exception->getMessage())));
+				OCP\JSON::error(array('data' => array('message' => OC_Util::sanitizeHTML($exception->getMessage()))));
 			}
 			break;
 	}
-- 
cgit v1.2.3