From a3fa9573789ed5e867c43ea38374f4dbd5a8f81f Mon Sep 17 00:00:00 2001
From: ruolli <ruolin.li@oracle.com>
Date: Mon, 6 May 2019 15:38:42 +0800
Subject: [PATCH] Fixes #4556 : HIGH-LEVEL VULNERABILITY WITHIN MOJARRA JSF
 V2.2

---
 .../main/java/com/sun/faces/context/PartialViewContextImpl.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/impl/src/main/java/com/sun/faces/context/PartialViewContextImpl.java b/impl/src/main/java/com/sun/faces/context/PartialViewContextImpl.java
index 42f78a3d0e..ad9c06a7c9 100644
--- a/impl/src/main/java/com/sun/faces/context/PartialViewContextImpl.java
+++ b/impl/src/main/java/com/sun/faces/context/PartialViewContextImpl.java
@@ -511,7 +511,7 @@ private void renderState(FacesContext context) throws IOException {
         if (null != window) {
             String clientWindowId = Util.getClientWindowId(context);
             writer.startUpdate(clientWindowId);
-            writer.write(window.getId());
+            writer.writeText(window.getId(), null);
             writer.endUpdate();
         }
     }