From 7232e7a29da9b6ada90117fc149e02a3928d4a2a Mon Sep 17 00:00:00 2001
From: Nathan van der Werf <nvanderwerf93@gmail.com>
Date: Fri, 18 Jan 2019 17:26:56 +0100
Subject: [PATCH] Escape output to prevent XSS injection (#4074)

Credit to @nathan-van-der-werf
---
 modules/backend/controllers/auth/reset.htm            | 4 ++--
 modules/cms/widgets/componentlist/partials/_items.htm | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/backend/controllers/auth/reset.htm b/modules/backend/controllers/auth/reset.htm
index 039178ab4..6761a369f 100644
--- a/modules/backend/controllers/auth/reset.htm
+++ b/modules/backend/controllers/auth/reset.htm
@@ -2,8 +2,8 @@
 
 <?= Form::open() ?>
     <input type="hidden" name="postback" value="1" />
-    <input type="hidden" name="id" value="<?= $id ?>" />
-    <input type="hidden" name="code" value="<?= $code ?>" />
+    <input type="hidden" name="id" value="<?= e($id) ?>" />
+    <input type="hidden" name="code" value="<?= e($code) ?>" />
 
     <div class="form-elements" role="form">
         <div class="form-group text-field horizontal-form october">
diff --git a/modules/cms/widgets/componentlist/partials/_items.htm b/modules/cms/widgets/componentlist/partials/_items.htm
index f57da47e6..8abe9137b 100644
--- a/modules/cms/widgets/componentlist/partials/_items.htm
+++ b/modules/cms/widgets/componentlist/partials/_items.htm
@@ -4,7 +4,7 @@
         <li class="group" data-status="<?= $this->getCollapseStatus($item->pluginClass, false) ? 'expanded' : 'collapsed' ?>" data-group-id="<?= e($item->pluginClass) ?>">
             <div class="group">
                 <h4><a href="#"><?= e(trans($item->title)) ?></a></h4>
-                <i class="<?= $item->icon ?>"></i>
+                <i class="<?= e($item->icon) ?>"></i>
                 <span class="description"><?= e(trans($item->description)) ?></span>
             </div>
             <?= $this->makePartial('component_list', ['components'=>$item->items]) ?>