From dbbdd7c0db212b919b18ac5b8f4150154d9f50f4 Mon Sep 17 00:00:00 2001
From: Chloe Deguzman <chloe.deguzman@processmaker.com>
Date: Tue, 8 Mar 2016 01:47:53 +0000
Subject: [PATCH] HOR-282 Adds XSS filtering to changeStatus.

---
 workflow/engine/controllers/processProxy.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/workflow/engine/controllers/processProxy.php b/workflow/engine/controllers/processProxy.php
index 072ce56b5..3e3607644 100755
--- a/workflow/engine/controllers/processProxy.php
+++ b/workflow/engine/controllers/processProxy.php
@@ -118,7 +118,7 @@ class ProcessProxy extends HttpProxyController
         $oProcess = new Processes();
         if (count( $ids ) > 0) {
             foreach ($ids as $id) {
-                $oProcess->changeStatus( $id );
+                $oProcess->changeStatus( htmlspecialchars($id) );
             }
         }
     }