- <if entry.title><b>${entry.title}</b><br></if>
- <if entry.creator>Von: ${entry.creator}<br></if>
- <font size="-1">${entry.description}</font>
- <if entry.main_url><br>URL: ${entry.main_url}</if>
- <br><a href="${config.actionRoot}?module=Comment&do=edit&order=${data.order}&offset=${data.offset}&id=${entry.id}">${lang("edit")}</a>
+ <if entry.title><b>${encodeHTML(entry.title)}</b><br></if>
+ <if entry.creator>Von: ${encodeHTML(entry.creator)}<br></if>
+ <font size="-1">${encodeHTML(entry.description)}</font>
+ <if entry.main_url><br>URL: ${encodeHTML(entry.main_url)}</if>
+ <br><a href="${config.actionRoot}?module=Comment&do=edit&order=${encodeHTML(data.order)}&offset=${data.offset}&id=${entry.id}">${lang("edit")}</a>