authorAngie Byron <webchick@24967.no-reply.drupal.org>2010-04-23 04:32:16 +0000
committerAngie Byron <webchick@24967.no-reply.drupal.org>2010-04-23 04:32:16 +0000
commit630d473c8e395d30393696ca6d01435c54f7c382 (patch)
treefd7a3dc2ffdf9b3e7e90f5bbe652ed6e9aab4c20 /modules/profile
parente82edd5758b26883381f5a95c248f2c48d9b42b4 (diff)
#611532 by mr.baileys, scor: Fixed XSS Vulnerability in profile.module.
Diffstat (limited to 'modules/profile')
-rw-r--r--modules/profile/profile.admin.inc2
-rw-r--r--modules/profile/profile.module2
2 files changed, 2 insertions, 2 deletions
diff --git a/modules/profile/profile.admin.inc b/modules/profile/profile.admin.inc
index 1a2f792fc..d7d653b99 100644
--- a/modules/profile/profile.admin.inc
+++ b/modules/profile/profile.admin.inc
@@ -123,7 +123,7 @@ function theme_profile_admin_overview($variables) {
// class names won't contain invalid characters.
$categories[$category] = $category_number;
$category_field['#attributes']['class'] = array('profile-category', 'profile-category-' . $category_number);
- $rows[] = array(array('data' => $category, 'colspan' => 7, 'class' => array('category')));
+ $rows[] = array(array('data' => check_plain($category), 'colspan' => 7, 'class' => array('category')));
$rows[] = array('data' => array(array('data' => '<em>' . t('No fields in this category. If this category remains empty when saved, it will be removed.') . '</em>', 'colspan' => 7)), 'class' => array('category-' . $category_number . '-message', 'category-message', 'category-populated'));
// Make it draggable only if there is more than one field
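Review bot: The added check_plain() on line 28 escapes $category only in this header row; the hunk does not show the other places theme_profile_admin_overview() emits the category name (the per-field rows built earlier, or any select options), so the same escaping should be confirmed there — theme_profile_admin_overview() begins before this hunk. The 'data' value of a row is emitted as markup (line 29 places literal `<em>` tags in it), which is why user-entered category names must be escaped rather than passed through. A short why-comment would keep the next maintainer from reverting this: `// Category names are user-entered text; escape them because row 'data' is rendered as raw HTML.` The adjacent $category_number (line 26) can stay unescaped only for the reason given on line 24 — it is a numeric index, not the name.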
diff --git a/modules/profile/profile.module b/modules/profile/profile.module
index 9e907f64f..5aabb3d7d 100644
--- a/modules/profile/profile.module
+++ b/modules/profile/profile.module
@@ -360,7 +360,7 @@ function profile_user_view($account) {
}
function _profile_form_explanation($field) {
- $output = $field->explanation;
+ $output = filter_xss_admin($field->explanation);
if ($field->type == 'list') {
$output .= ' ' . t('Put each item on a separate line or separate them by commas. No HTML allowed.');