--- mailboxes/mail_search.cgi.orig	2009-03-18 07:30:35.000000000 +0200
+++ mailboxes/mail_search.cgi	2009-04-09 12:43:30.000000000 +0300
@@ -46,7 +46,8 @@
 		@searchlist = ( [ $field, $what ] );
 		@rv = &mailbox_search_mail(\@searchlist, 0, $folder);
 		print "<p><b>",&text('search_results5', scalar(@rv),
-			    "<tt>$field</tt>", "<tt>$what</tt>")," ..</b><p>\n";
+			    "<tt>" . &html_escape($field) . "</tt>", "<tt>" .
+			    &html_escape($what) . "</tt>")," ..</b><p>\n";
 		}
 	else {
 		# Just search by Subject and From in one folder
@@ -73,7 +74,8 @@
 			&error($text{'search_eboolean'});
 			}
 		print "<p><b>",&text('search_results2', scalar(@rv),
-				     "<tt>$in{'search'}</tt>")," ..</b><p>\n";
+				     "<tt>" . &html_escape($in{'search'}) .
+				     "</tt>")," ..</b><p>\n";
 		}
 	foreach $mail (@rv) {
 		$mail->{'folder'} = $folder;
@@ -106,8 +108,8 @@
 # Show list of messages, with form
 if (@rv) {
 	print &ui_form_start("delete_mail.cgi", "post");
-	print &ui_hidden("user", $in{'user'});
-	print &ui_hidden("folder", $in{'folder'});
+	print &ui_hidden("user", &html_escape($in{'user'}));
+	print &ui_hidden("folder", &html_escape($in{'folder'}));
 	if ($config{'top_buttons'} && !$multi_folder) {
 		&show_buttons(1, \@folders, $folder, \@rv, $in{'user'}, 1);
 		}
@@ -121,8 +123,9 @@
 	print "<b>$text{'search_none'}</b> <p>\n";
 	}
 
-&ui_print_footer($in{'simple'} ? ( ) : ( "search_form.cgi?folder=$in{'folder'}",
-				$text{'sform_return'} ),
-	"list_mail.cgi?user=$in{'user'}&folder=$in{'folder'}", $text{'mail_return'},
+&ui_print_footer($in{'simple'} ? ( ) : ( "search_form.cgi?folder=" .
+	&urlize($in{'folder'}), $text{'sform_return'} ),
+	"list_mail.cgi?user=" . &urlize($in{'user'}) . "&folder=" .
+	&urlize($in{'folder'}), $text{'mail_return'},
 	"", $text{'index_return'});