From: William Desportes <williamdes@wdes.fr>
Date: Sat, 18 Mar 2023 19:13:52 +0100
Subject: Patch CVE-2020-35132 on update data

Ref: https://github.com/leenooks/phpLDAPadmin/issues/137

Origin: vendor
Forwarded: no
---
 lib/PageRender.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/PageRender.php b/lib/PageRender.php
index 3da01d2..789f94a 100644
--- a/lib/PageRender.php
+++ b/lib/PageRender.php
@@ -556,7 +556,7 @@ class PageRender extends Visitor {
 	final protected function drawOldValueAttribute($attribute,$i) {
 		if (DEBUGTMP) printf('<font size=-2>%s</font><br />',__METHOD__);
 
-		echo $attribute->getOldValue($i);
+		echo htmlspecialchars($attribute->getOldValue($i));
 	}
 
 	/** DRAW DISPLAYED CURRENT VALUES **/