From 6e424eb990e7640f6d8f2cb25fe97024ebd95a05 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Sun, 13 Apr 2014 15:24:35 +0200
Subject: [PATCH] Also encode > and '

---
 core/js/js.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/js/js.js b/core/js/js.js
index f10c7163092..b712da4bd02 100644
--- a/core/js/js.js
+++ b/core/js/js.js
@@ -151,7 +151,7 @@ function n(app, text_singular, text_plural, count, vars) {
 * @return Sanitized string
 */
 function escapeHTML(s) {
-	return s.toString().split('&').join('&amp;').split('<').join('&lt;').split('"').join('&quot;');
+	return s.toString().split('&').join('&amp;').split('<').join('&lt;').split('>').join('&gt;').split('"').join('&quot;').split('\'').join('&#039;');
 }
 
 /**