From a6734d3609cc9b785167560c71ff35695dc1b4ba Mon Sep 17 00:00:00 2001
From: Saophalkun Ponlu
Date: Sun, 3 Oct 2010 21:40:01 +0000
Subject: [PATCH] BUGFIX Fixed XSS vulnerability in BlogTree? when filtering by tags
---
 code/BlogTree.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/code/BlogTree.php b/code/BlogTree.php
index 571190d..ab42af3 100644
--- a/code/BlogTree.php
+++ b/code/BlogTree.php
@@ -222,7 +222,7 @@ class BlogTree extends Page {
 class BlogURL {
 static function tag() {
- if (Director::urlParam('Action') == 'tag') return Director::urlParam('ID');
+ if (Director::urlParam('Action') == 'tag') return Convert::raw2xml(Director::urlParam('ID'));
 return '';
 }
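Review bot: `BlogURL::tag()` now returns the `ID` URL parameter already XML-escaped, so the encoding is applied where the value is read rather than where it is rendered. Any caller that uses the return value for something other than HTML output (a tag comparison or a database filter; none are visible in this hunk) would receive entity-encoded text such as `&amp;` instead of the raw tag, and a template that escapes again would double-encode it. Escaping at each output site and keeping this accessor raw would be the more robust fix; if the accessor stays as patched, the contract should be stated on the method, e.g. `/** @return string Tag from the URL, XML-escaped for template output only; not escaped for SQL. */`. The rest of class `BlogURL` lies outside the hunk, so any sibling accessors that return `Director::urlParam()` values directly would need the same check.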