From e84c6f7a24fa5ac2d6fd21ac0c050505c7375cd6 Mon Sep 17 00:00:00 2001
From: slawkens <slawkens@gmail.com>
Date: Sat, 6 Jun 2020 18:32:22 +0200
Subject: [PATCH] Fix XSS in character search

(cherry picked from commit dfc70c098f43b320cbb750b0a89ee9c027ce8fed)
---
 system/templates/error_box.html.twig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/templates/error_box.html.twig b/system/templates/error_box.html.twig
index f06c1d73..e6ed4992 100644
--- a/system/templates/error_box.html.twig
+++ b/system/templates/error_box.html.twig
@@ -9,7 +9,7 @@
 			<div class="AttentionSign" style="background-image:url({{ template_path }}/images/content/attentionsign.gif);"></div>
 			<b>The Following Errors Have Occurred:</b><br/>
 			{% for error in errors %}
-			<li>{{ error|raw }}</li>
+			<li>{{ error|striptags('<b>')|raw }}</li>
 			{% endfor %}
 		</div>
 		<div class="BoxFrameHorizontal" style="background-image:url({{ template_path }}/images/content/box-frame-horizontal.gif);"></div>