diff --git a/src/main/webapp/WEB-INF/view/admin/storage/admin_storage.jsp b/src/main/webapp/WEB-INF/view/admin/storage/admin_storage.jsp
index 04d1f6385706d9b64e3eb9f97b7fde0d02ce57d8..7fb934d9325d43631b57edf8d4e7978d8d779380 100644
--- a/src/main/webapp/WEB-INF/view/admin/storage/admin_storage.jsp
+++ b/src/main/webapp/WEB-INF/view/admin/storage/admin_storage.jsp
@@ -56,7 +56,7 @@
<div class="modal-dialog">
<div class="modal-content">
<la:form action="/admin/storage/createDir/" enctype="multipart/form-data" styleClass="form-inline">
- <input type="hidden" name="path" value="${path}" />
+ <input type="hidden" name="path" value="${f:h(path)}" />
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
@@ -89,7 +89,7 @@
<div class="modal-dialog">
<div class="modal-content">
<la:form action="/admin/storage/upload/" enctype="multipart/form-data" styleClass="form-inline">
- <input type="hidden" name="path" value="${path}" />
+ <input type="hidden" name="path" value="${f:h(path)}" />
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
diff --git a/src/main/webapp/WEB-INF/view/searchResults.jsp b/src/main/webapp/WEB-INF/view/searchResults.jsp
index d7bf23306a5cf82bf1d53ed12ba9dc0ec394219c..b0d529d3d0d2d33e830edb115d075188d426ae31 100644
--- a/src/main/webapp/WEB-INF/view/searchResults.jsp
+++ b/src/main/webapp/WEB-INF/view/searchResults.jsp
@@ -33,8 +33,8 @@
</div>
</c:if>
<div id="result" class="row">
- <input type="hidden" id="queryId" value="${f:u(queryId)}" /> <input
- type="hidden" id="rt" value="${f:u(requestedTime)}" />
+ <input type="hidden" id="queryId" value="${f:h(queryId)}" /> <input
+ type="hidden" id="rt" value="${f:h(requestedTime)}" />
<ol class="list-unstyled col-md-8">
<c:forEach var="doc" varStatus="s" items="${documentItems}">
<li id="result${s.index}">