From 6e9a0fb9487356e320d3d7c877f650646dbef44f Mon Sep 17 00:00:00 2001
From: Nikolay Bachiyski <nbachiyski@git.wordpress.org>
Date: Tue, 21 Jun 2016 14:18:27 +0000
Subject: [PATCH] Admin: Escape attachment name in case it contains special
 characters

git-svn-id: https://develop.svn.wordpress.org/trunk@37774 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-admin/includes/class-wp-media-list-table.php | 2 +-
 src/wp-includes/post-template.php                   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/wp-admin/includes/class-wp-media-list-table.php b/src/wp-admin/includes/class-wp-media-list-table.php
index 3a61f159bc..d7b17c5685 100644
--- a/src/wp-admin/includes/class-wp-media-list-table.php
+++ b/src/wp-admin/includes/class-wp-media-list-table.php
@@ -395,7 +395,7 @@ class WP_Media_List_Table extends WP_List_Table {
 			<span class="screen-reader-text"><?php _e( 'File name:' ); ?> </span>
 			<?php
 			$file = get_attached_file( $post->ID );
-			echo wp_basename( $file );
+			echo esc_html( wp_basename( $file ) );
 			?>
 		</p>
 		<?php
diff --git a/src/wp-includes/post-template.php b/src/wp-includes/post-template.php
index 6ddc4b34ed..dd83095fcc 100644
--- a/src/wp-includes/post-template.php
+++ b/src/wp-includes/post-template.php
@@ -1475,7 +1475,7 @@ function wp_get_attachment_link( $id = 0, $size = 'thumbnail', $permalink = fals
 	 * @param bool         $icon      Whether to include an icon. Default false.
 	 * @param string|bool  $text      If string, will be link text. Default false.
 	 */
-	return apply_filters( 'wp_get_attachment_link', "<a href='$url'>$link_text</a>", $id, $size, $permalink, $icon, $text );
+	return apply_filters( 'wp_get_attachment_link', "<a href='" . esc_url( $url ) . "'>$link_text</a>", $id, $size, $permalink, $icon, $text );
 }
 
 /**