gitweb: esc_html() site name for title in OPML

diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index b07703253244e20e3e3c87c5ba7a89b672c491a0..a9f39d59cdaec0880106cbdd03f4011d034d9de8 100755 (executable)
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -7700,11 +7700,12 @@ sub git_opml {
                -charset => 'utf-8',
                -content_disposition => 'inline; filename="opml.xml"');
 
+       my $title = esc_html($site_name);
        print <<XML;
 <?xml version="1.0" encoding="utf-8"?>
 <opml version="1.0">
 <head>
-  <title>$site_name OPML Export</title>
+  <title>$title OPML Export</title>
 </head>
 <body>
 <outline text="git RSS feeds">