From c28a5e261f2ab696b1e3959ddfa3b44a79ff8a19 Mon Sep 17 00:00:00 2001
From: INOPIAE <inopiae@cacert.org>
Date: Wed, 22 Jul 2015 20:43:26 +0200
Subject: [PATCH] bug-1390: added escaping wit htmlspecialchars function and
 encoding UTF-8

---
 manager/application/views/scripts/mail/read.phtml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manager/application/views/scripts/mail/read.phtml b/manager/application/views/scripts/mail/read.phtml
index ac6c183..21ac131 100644
--- a/manager/application/views/scripts/mail/read.phtml
+++ b/manager/application/views/scripts/mail/read.phtml
@@ -7,4 +7,4 @@ $this->headLink()->appendStylesheet('/css/mail.css');
 ?>
 <H1><?php print I18n::_('Read Mail'); ?></H1>
 <?php
-print nl2br(quoted_printable_decode($this->mail_body));
+print nl2br(htmlspecialchars(quoted_printable_decode($this->mail_body), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));