From 4d39d113ad15bb17d075b22313e9d7f99f9437d8 Mon Sep 17 00:00:00 2001
From: Carsten Schmitz <carsten.schmitz@limesurvey.org>
Date: Sun, 19 Feb 2023 23:13:05 +0100
Subject: [PATCH] Fixed issue: [security] Minor XSS vulnerability in general
 survey settings

---
 .../survey/subview/accordion/_generaloptions_panel.php      | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/application/views/admin/survey/subview/accordion/_generaloptions_panel.php b/application/views/admin/survey/subview/accordion/_generaloptions_panel.php
index b764a4e6e78..38d304cfee0 100755
--- a/application/views/admin/survey/subview/accordion/_generaloptions_panel.php
+++ b/application/views/admin/survey/subview/accordion/_generaloptions_panel.php
@@ -147,7 +147,7 @@ function checkSelect2Languages(mylangs) {
                 <div class="row">
                     <div class="col-xs-12 col-sm-12 col-md-8 col-lg-8 content-right">
                         <label class=" control-label"  for='admin'><?php  eT("Administrator:"); ?></label>
-                            <input class="form-control inherit-edit <?php echo ($bShowInherited && $admin === 'inherit' ? 'hide' : 'show'); ?>" type='text' size='50' id='admin' name='admin' value="<?php echo htmlspecialchars($admin); ?>" data-inherit-value="inherit" data-saved-value="<?php echo $admin; ?>"/>
+                            <input class="form-control inherit-edit <?php echo ($bShowInherited && $admin === 'inherit' ? 'hide' : 'show'); ?>" type='text' size='50' id='admin' name='admin' value="<?php echo htmlspecialchars($admin); ?>" data-inherit-value="inherit" data-saved-value="<?php echo htmlspecialchars($admin); ?>"/>
                             <input class="form-control inherit-readonly <?php echo ($bShowInherited && $admin === 'inherit' ? 'show' : 'hide'); ?>" type='text' size='50' value="<?php echo htmlspecialchars($oSurveyOptions->admin); ?>" readonly />
                     </div>
                     <div class="col-xs-12 col-sm-12 col-md-4 col-lg-4 content-right <?php echo ($bShowInherited ? 'show' : 'hide'); ?>">
@@ -172,7 +172,7 @@ function checkSelect2Languages(mylangs) {
                 <div class="row">
                     <div class="col-xs-12 col-sm-12 col-md-8 col-lg-8 content-right">
                         <label class=" control-label"  for='adminemail'><?php  eT("Administrator email address:"); ?></label>
-                            <input class="form-control inherit-edit <?php echo ($bShowInherited && $adminemail === 'inherit' ? 'hide' : 'show'); ?>" type='<?php echo ($bShowInherited)?'text':'email'; ?>' size='50' id='adminemail' name='adminemail' value="<?php echo htmlspecialchars($adminemail); ?>" data-inherit-value="inherit" data-saved-value="<?php echo $adminemail; ?>"/>
+                            <input class="form-control inherit-edit <?php echo ($bShowInherited && $adminemail === 'inherit' ? 'hide' : 'show'); ?>" type='<?php echo ($bShowInherited)?'text':'email'; ?>' size='50' id='adminemail' name='adminemail' value="<?php echo htmlspecialchars($adminemail); ?>" data-inherit-value="inherit" data-saved-value="<?php echo htmlspecialchars($adminemail); ?>"/>
                             <input class="form-control inherit-readonly <?php echo ($bShowInherited && $adminemail === 'inherit' ? 'show' : 'hide'); ?>" type='text' size='50' value="<?php echo htmlspecialchars($oSurveyOptions->adminemail); ?>" readonly />
                     </div>
                     <div class="col-xs-12 col-sm-12 col-md-4 col-lg-4 content-right <?php echo ($bShowInherited ? 'show' : 'hide'); ?>">
@@ -197,7 +197,7 @@ function checkSelect2Languages(mylangs) {
                 <div class="row">
                     <div class="col-xs-12 col-sm-12 col-md-8 col-lg-8 content-right">
                         <label class=" control-label"  for='bounce_email'><?php  eT("Bounce email address:"); ?></label>
-                            <input class="form-control inherit-edit <?php echo ($bShowInherited && $bounce_email === 'inherit' ? 'hide' : 'show'); ?>" type='<?php echo ($bShowInherited)?'text':'email'; ?>' size='50' id='bounce_email' name='bounce_email' value="<?php echo htmlspecialchars($bounce_email); ?>" data-inherit-value="inherit" data-saved-value="<?php echo $bounce_email; ?>"/>
+                            <input class="form-control inherit-edit <?php echo ($bShowInherited && $bounce_email === 'inherit' ? 'hide' : 'show'); ?>" type='<?php echo ($bShowInherited)?'text':'email'; ?>' size='50' id='bounce_email' name='bounce_email' value="<?php echo htmlspecialchars($bounce_email); ?>" data-inherit-value="inherit" data-saved-value="<?php echo htmlspecialchars($bounce_email); ?>"/>
                             <input class="form-control inherit-readonly <?php echo ($bShowInherited && $bounce_email === 'inherit' ? 'show' : 'hide'); ?>" type='text' size='50' value="<?php echo htmlspecialchars($oSurveyOptions->bounce_email); ?>" readonly />
                     </div>
                     <div class="col-xs-12 col-sm-12 col-md-4 col-lg-4 content-right <?php echo ($bShowInherited ? 'show' : 'hide'); ?>">