From 0ac5af1f6e3987d145d4a079302069cb47577678 Mon Sep 17 00:00:00 2001
From: ryan
Date: Wed, 13 Feb 2008 18:14:38 +0000
Subject: [PATCH] Add a prophylactic specialchars to the object in explain nonce. see #5838

git-svn-id: http://svn.automattic.com/wordpress/trunk@6817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/functions.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 0387757cb5..6dff0f7bf0 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1256,7 +1256,7 @@ function wp_explain_nonce( $action ) {
 $object = $matches[4];
 if ( 'use_id' != $lookup )
 $object = call_user_func( $lookup, $object );
-return sprintf( $trans[$verb][$noun][0], $object );
+return sprintf( $trans[$verb][$noun][0], wp_specialchars($object) );
 } else {
 return $trans[$verb][$noun][0];
 }
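Review bot: On the added `return sprintf( $trans[$verb][$noun][0], wp_specialchars($object) );` line, `wp_specialchars()` is called with one argument, which encodes `<`, `>` and `&` but leaves quotes alone. The returned message is therefore safe in HTML element content but not inside an attribute value. `$object` comes from the nonce action string (`$matches[4]`) or from the `$lookup` callback, so if any caller can place the explanation in an attribute, pass the quotes argument: `wp_specialchars( $object, 1 )`. Otherwise a short comment such as `// escaped for HTML text context only` would record the assumption. The callers and the rest of wp_explain_nonce() are outside this hunk, so the output context is unverified here.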