Add escaping to increment ID

sippsolutions · ihor-sviziev · web-flow · commit 8864695fc72c · 2021-08-27T17:18:47.000+02:00
Co-authored-by: Ihor Sviziev &lt;ihor-sviziev@users.noreply.github.com&gt;
diff --git a/app/code/Magento/Sales/view/frontend/templates/order/print/invoice.phtml b/app/code/Magento/Sales/view/frontend/templates/order/print/invoice.phtml
@@ -14,7 +14,7 @@
 <?php foreach ($_invoices as $_invoice) : ?>
 <div class="order-details-items invoice">
     <div class="order-title">
-        <strong><?= $block->escapeHtml(__('Invoice #')) ?><?= $_invoice->getIncrementId() ?></strong>
+        <strong><?= $block->escapeHtml(__('Invoice #')) ?><?= $block->escapeHtml($_invoice->getIncrementId()) ?></strong>
     </div>
     <div class="table-wrapper table-order-items invoice">
         <table class="data table table-order-items invoice" id="my-invoice-table-<?= (int) $_invoice->getId() ?>">
