XSS fixes

1 files changed, 2 insertions, 2 deletions

diff --git a/modules/server_add/views/admin_server_add.html.php b/modules/server_add/views/admin_server_add.html.php
index 30ab3536..c4439bda 100644
--- a/modules/server_add/views/admin_server_add.html.php
+++ b/modules/server_add/views/admin_server_add.html.php
@@ -11,12 +11,12 @@
     <ul id="gPathList">
       <? foreach ($paths as $id => $path): ?>
       <li class="ui-icon-left">
-        <a href="<?= url::site("admin/server_add/remove_path?path=$path&amp;csrf=$csrf") ?>"
+        <a href="<?= url::site("admin/server_add/remove_path?path=" . urlencode($path) . "&amp;csrf=$csrf") ?>"
            id="icon_<?= $id?>"
            class="gRemoveDir ui-icon ui-icon-trash">
           X
         </a>
-        <?= $path ?>
+        <?= SafeString::of($path) ?>
       </li>
       <? endforeach ?>
     </ul>