Comment 2 for bug 1308727

Jason Hullinger (jason-hullinger) wrote : Re: XSS in Horizon Heat template - resource name

What additional information would you like? Are you unable to reproduce? I'm running DevStack on Ubuntu 12.04.4 LTS. Steps to reproduce:

Upload the attached template file in Orchestration->Stacks and create a new instance. Click on the Stack Name and go to the Resources or Events tab. The HTML output is:

<a href="my_instance"><img src="zz" onerror="alert(1)">" class=""&gt;my_instance"&gt;&lt;img src=zz onerror=alert(1)&gt;</a>

This is due to the resource name in the attached yaml file, which I will paste here:

======

heat_template_version: 2013-05-23

description: Simple template to deploy a single compute instance

resources:
  my_instance"><img src=zz onerror=alert(1)>:
    type: OS::Nova::Server
    properties:
      key_name: my_key
      image: cirros-0.3.1-x86_64-uec
      flavor: m1.nano

======

Please let me know if you need further information.
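An added illustration of the mitigation (example code, not Horizon's own): the resource name from the template above is rendered once by naive string formatting and once after HTML attribute escaping, and a small stdlib parser counts how many tags the browser would actually see. The `render_link_*` helpers and the tag counter are assumptions for this example; only the resource name comes from the comment.

```python
# Added example, not Horizon code: shows why an untrusted resource name must be
# escaped before it is placed inside the href attribute and the link text.
from html import escape
from html.parser import HTMLParser

# Constructed sample: the resource name from the YAML template quoted in the comment.
RESOURCE_NAME = 'my_instance"><img src=zz onerror=alert(1)>'


def render_link_unsafe(name: str) -> str:
    """Naive rendering: formats the raw name straight into the markup."""
    return '<a href="{0}">{0}</a>'.format(name)


def render_link_safe(name: str) -> str:
    """Escapes & < > " and ' so the name can neither close the href
    attribute nor open a new element."""
    safe = escape(name, quote=True)
    return '<a href="{0}">{0}</a>'.format(safe)


class _TagCollector(HTMLParser):
    """Records every start tag the parser encounters, in document order."""

    def __init__(self) -> None:
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def start_tags(markup: str) -> list:
    """Returns the list of start tags a browser would build from `markup`.
    A single anchor should yield ['a']; anything extra came from the name."""
    parser = _TagCollector()
    parser.feed(markup)
    parser.close()
    return parser.tags


if __name__ == "__main__":
    for label, render in (("unsafe", render_link_unsafe), ("safe", render_link_safe)):
        markup = render(RESOURCE_NAME)
        print(label, start_tags(markup))
        print("   ", markup)
```

Running it shows the naive rendering producing three tags (the anchor plus two injected `img` elements, matching the broken output pasted above), while the escaped rendering produces only the anchor and the literal name as text.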