diff options
-rw-r--r-- | include/functions_html.inc.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php index f4eade57f..7581757bb 100644 --- a/include/functions_html.inc.php +++ b/include/functions_html.inc.php @@ -583,9 +583,9 @@ function get_thumbnail_title($info, $title, $comment) $title.= ' ('.implode(', ', $details).')'; } - if (!empty($comment)) + if (!empty($info['comment'])) { - $info['comment'] = trigger_event('render_element_description', $info['comment']); + $info['comment'] = htmlspecialchars(strip_tags(trigger_event('render_element_description', $info['comment']))); $title.= ' '.substr($info['comment'], 0, 100).(strlen($info['comment']) > 100 ? '...' : ''); } |