From d231553196950a80cfc98cadb2e0041ab343d510 Mon Sep 17 00:00:00 2001
From: ranjit-git <pahan.ranjit0201@gmail.com>
Date: Tue, 24 Oct 2023 09:24:59 +0530
Subject: [PATCH] event title xss fix

xss fix report link https://huntr.com/bounties/85a48225-24a4-4d5a-8134-36724183b53e/
---
 templates/CRM/Event/Page/DashBoard.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/CRM/Event/Page/DashBoard.tpl b/templates/CRM/Event/Page/DashBoard.tpl
index 56587d3880f8..1fb1c38ce3a0 100644
--- a/templates/CRM/Event/Page/DashBoard.tpl
+++ b/templates/CRM/Event/Page/DashBoard.tpl
@@ -37,7 +37,7 @@
     <tbody>
     {foreach from=$eventSummary.events item=values key=id}
     <tr class="crm-event_{$id}">
-        <td class="crm-event-eventTitle"><a href="{crmURL p="civicrm/event/info" q="reset=1&id=`$id`"}" title="{ts}View event info page{/ts}">{$values.eventTitle}</a>
+        <td class="crm-event-eventTitle"><a href="{crmURL p="civicrm/event/info" q="reset=1&id=`$id`"}" title="{ts}View event info page{/ts}">{$values.eventTitle|smarty:nodefaults|purify}</a>
             {if $values.is_repeating_event}
                 <br/>
                 {if $values.is_repeating_event eq $id}