diff --git a/www/include/core/menu/menu.php b/www/include/core/menu/menu.php
index a9cb3c5a03faa4f216849e1fd0be826525af8be3..e3bdfc1681551b11fa63f6887dfb4b8110c3e937 100644
--- a/www/include/core/menu/menu.php
+++ b/www/include/core/menu/menu.php
@@ -102,7 +102,7 @@ $tpl->assign("date_time_format_status", _("d/m/Y H:i:s"));
/*
* Display Login
*/
-$tpl->assign("user_login", $centreon->user->get_alias());
+$tpl->assign("user_login", htmlentities($centreon->user->get_alias()));
/*
* Fixe ACL
@@ -153,7 +153,7 @@ if (isset($centreon->optGen["display_autologin_shortcut"])) {
$autoLoginUrl .= "?p=".$root_menu["topology_page"];
}
$autoLoginUrl .= "&autologin=1&useralias=$userAlias&token=".$centreon->user->getToken();
-
+
$prefix = '';
if (!strncmp($_SERVER["SERVER_PROTOCOL"], "HTTP/", 5)) {
$prefix .= "http://";
@@ -180,7 +180,7 @@ $firstP = null;
$sep = " ";
for ($i = 0; $DBRESULT->numRows() && ($elem = $DBRESULT->fetchRow()); $i++) {
$firstP ? null : $firstP = $elem["topology_page"];
-
+
$pageAccess = $centreon->user->access->page($elem["topology_page"]);
if (($pageAccess == "1") || ($pageAccess == "2")) {
$elemArr[2][$i] = array("Menu2Sep" => $sep,
@@ -295,7 +295,7 @@ if ($is_admin) {
$tab_user_non_admin[$session["user_id"]] = array("ip"=>$session["ip_address"], "id"=>$session["user_id"], "alias"=>$session["contact_alias"], "admin"=>$session["contact_admin"]);
}
}
-
+
$tab_user = array_merge($tab_user_admin, $tab_user_non_admin);
unset($tab_user_admin);
unset($tab_user_non_admin);