patch for includes/specials/SpecialListfiles.php
If the wiki includes an uploaded file whose name includes, say, '&', the output of Special:ListFiles fails to parse when output as XHTML. This is because it outputs the filename without passing through htmlspecialchars.
Version: 1.16.x
Severity: normal
Attached: