Fix XSS vulnerability in tax invoice view (#4432)

Co-authored-by: Ollama <ollama@steganos.dev>
2026-03-25 10:21:36 -04:00 · 2026-03-13 16:09:04 +00:00
parent ee4d44ed39
commit 02fccaf43f
1 changed files with 1 additions and 1 deletions
--- a/app/Views/sales/tax_invoice.php
+++ b/app/Views/sales/tax_invoice.php
@@ -139,7 +139,7 @@ if (isset($error_message)) {
            if ($item['print_option'] == PRINT_YES) {    // TODO: === ?
        ?>
                <tr class="item-row">
-                    <td><?= $item['item_number'] ?></td>
+                    <td><?= esc($item['item_number']) ?></td>
                    <?php if ($include_hsn): ?>
                        <td style="text-align: center;"><?= esc($item['hsn_code']) ?></td>
                    <?php endif; ?>