From 629d21b800a15dc649fb0ae9ed7cd9211e7e45db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Deruss=C3=A9?= <jeremy@derusse.com>
Date: Tue, 4 Feb 2020 10:49:52 +0100
Subject: [PATCH] Escape variable in Exception Template

---
 .../ErrorHandler/Resources/views/traces_text.html.php       | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/Symfony/Component/ErrorHandler/Resources/views/traces_text.html.php b/src/Symfony/Component/ErrorHandler/Resources/views/traces_text.html.php
index e178fe0fcd41..a7090fbe8909 100644
--- a/src/Symfony/Component/ErrorHandler/Resources/views/traces_text.html.php
+++ b/src/Symfony/Component/ErrorHandler/Resources/views/traces_text.html.php
@@ -20,15 +20,15 @@
                 <?php if ($exception['trace']) { ?>
                 <pre class="stacktrace">
 <?php
-                    echo $exception['class'].":\n";
+                    echo $this->escape($exception['class']).":\n";
                     if ($exception['message']) {
-                        echo $exception['message']."\n";
+                        echo $this->escape($exception['message'])."\n";
                     }
 
                     foreach ($exception['trace'] as $trace) {
                         echo "\n  ";
                         if ($trace['function']) {
-                            echo 'at '.$trace['class'].$trace['type'].$trace['function'].'('.(isset($trace['args']) ? $this->formatArgsAsText($trace['args']) : '').')';
+                            echo $this->escape('at '.$trace['class'].$trace['type'].$trace['function']).'('.(isset($trace['args']) ? $this->formatArgsAsText($trace['args']) : '').')';
                         }
                         if ($trace['file'] && $trace['line']) {
                             echo($trace['function'] ? "\n     (" : 'at ').strtr(strip_tags($this->formatFile($trace['file'], $trace['line'])), [' at line '.$trace['line'] => '']).':'.$trace['line'].($trace['function'] ? ')' : '');