Fix for Trac#446: prevent XSS vulnerabilities

git-svn-id: http://svn.code.sf.net/p/itop/code/trunk@1564 a333f486-631f-4898-b8df-5754b55c2be0

portal/index.php

@@ -50,7 +50,7 @@ function DumpHiddenParams($oP, $aInteractive, $aParameters)
 	{
 		if (!in_array($sAttCode, $aInteractive))
 		{
-			$oP->Add("<input type=\"hidden\" name=\"attr_$sAttCode\" value=\"$value\">");
+			$oP->Add("<input type=\"hidden\" name=\"attr_$sAttCode\" value=\"".htmlentities($value)."\">");
 		}
 	}
 }