diff --git a/CHANGES.txt b/CHANGES.txt
index 2b963e1830..9d386e9ed5 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -13,6 +13,9 @@ w/out encoding HTML entities. Reported by Russ McRee.
10/01/08: Update: HFS support is enabled if TSK was compiled with
support for it.
+10/08/08: Bug Fix: Added some more HTML entity escaping to case management
+values (such as description). Reported by Daniel Medianero.
+
--------------------------- Version 2.10 --------------------------------
2/20/08: Bug Fix: Added 'tsk' to the path for sorter to find the 'images'
config file. Reported by Russell Reynolds.
diff --git a/lib/Caseman.pm b/lib/Caseman.pm
index 5c0414eb98..dd424bb874 100644
--- a/lib/Caseman.pm
+++ b/lib/Caseman.pm
@@ -326,7 +326,7 @@ sub read_case_config {
next if ((/^\#/) || (/^\s+$/));
s/^\s+//;
s/\s+$//;
- $Caseman::cvals{$1} = $2 if (/^(\S+)\s+(.*)$/);
+ $Caseman::cvals{$1} = Print::html_encode($2) if (/^(\S+)\s+(.*)$/);
}
close(CONFIG);
@@ -647,7 +647,7 @@ sub case_open {
print " CHECKED";
$first = 1;
}
- print ">$c";
+ print ">" . Print::html_encode($c) . "";
Caseman::read_case_config($c);
@@ -720,11 +720,6 @@ sub case_details {
read_case_config();
- $Caseman::cvals{'desc'} = " "
- unless (exists $Caseman::cvals{'desc'});
- $Caseman::cvals{'created'} = " "
- unless (exists $Caseman::cvals{'created'});
-
print "