From d46b8bc86e2b8052ac7362efc72bc60e2e08641f Mon Sep 17 00:00:00 2001
From: Paul McMillan <paul.mcmillan@nebula.com>
Date: Tue, 17 Dec 2013 21:07:49 +0000
Subject: [PATCH] Fix unlikely XSS in attachment rendering.

---
 openstack_dashboard/dashboards/project/volumes/tables.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openstack_dashboard/dashboards/project/volumes/tables.py b/openstack_dashboard/dashboards/project/volumes/tables.py
index 51bd06e..123f7fa 100644
--- a/openstack_dashboard/dashboards/project/volumes/tables.py
+++ b/openstack_dashboard/dashboards/project/volumes/tables.py
@@ -127,7 +127,7 @@ def get_attachment_name(request, attachment):
         url = reverse("horizon:project:instances:detail", args=(server_id,))
         instance = '<a href="%s">%s</a>' % (url, html.escape(name))
     except NoReverseMatch:
-        instance = name
+        instance = html.escape(name)
     return instance
 
 
-- 
1.8.1.2