From 14b175c3fb9dde1fdc5ffd36c4746e28066ba3a2 Mon Sep 17 00:00:00 2001
From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Fri, 6 Mar 2009 14:46:47 +0000
Subject: [PATCH] Fix XSS in examples web application. This is CVE-2009-0781.
 Security page updates and formal announcement to follow.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@750921 13f79535-47bb-0310-9956-ffa450edef68
---
 webapps/examples/jsp/cal/cal2.jsp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapps/examples/jsp/cal/cal2.jsp b/webapps/examples/jsp/cal/cal2.jsp
index 8315b7e84..636eaf0bc 100644
--- a/webapps/examples/jsp/cal/cal2.jsp
+++ b/webapps/examples/jsp/cal/cal2.jsp
@@ -35,7 +35,7 @@
 <FORM METHOD=POST ACTION=cal1.jsp>
 <BR> 
 <BR> <INPUT NAME="date" TYPE=HIDDEN VALUE="current">
-<BR> <INPUT NAME="time" TYPE=HIDDEN VALUE=<%= util.HTMLFilter.filter(time) %>
+<BR> <INPUT NAME="time" TYPE=HIDDEN VALUE="<%= util.HTMLFilter.filter(time) %>">
 <BR> <h2> Description of the event <INPUT NAME="description" TYPE=TEXT SIZE=20> </h2>
 <BR> <INPUT TYPE=SUBMIT VALUE="submit">
 </FORM>
-- 
2.11.0