quickaction_url( :ident => quickvote.name,
:action => 'results' ) %>
<% else %>
- <%= quickvote.name %>
+ <%=h quickvote.name %>
<% end %>
</td>
- <td><%= quickvote.startdate.strftime("%x") %></td>
- <td><%= quickvote.enddate.strftime("%x") %></td>
- <td><%= quickvote.description %></td>
+ <td><%=h quickvote.startdate.strftime("%x") %></td>
+ <td><%=h quickvote.enddate.strftime("%x") %></td>
+ <td><%=h quickvote.description %></td>
</tr>
<% end %>
</table>