- <td>${entry.login} </td>
- <td>${entry.is_admin} </td>
- <td><font size="1"> <a href="${config.actionRoot}?module=Users&do=delete&id=${entry.id}">${lang("delete")}</a>
- | <a href="${config.actionRoot}?module=Users&do=edit&id=${entry.id}">${lang("edit")}</a></font></td>
+ <td>${encodeHTML(entry.login)} </td>
+ <td>${encodeHTML(entry.is_admin)} </td>
+ <td><font size="1"> <a href="${encodeHTML(config.actionRoot)}?module=Users&do=delete&id=${encodeHTML(entry.id)}">${lang("delete")}</a>
+ | <a href="${encodeHTML(config.actionRoot)}?module=Users&do=edit&id=${encodeHTML(entry.id)}">${lang("edit")}</a></font></td>