--- view.php-orig   2008-01-29 11:25:27.000000000 -0600
+++ view.php    2008-01-25 11:13:33.000000000 -0600
@@ -377,7 +377,7 @@
         $currenttab = '';
         foreach ($tabs as $tab) {
             $tabname = get_string("tab$tab", 'wiki');
-            $row[] = new tabobject($tabname, $ewbase.'&page='.$tab.'/'.$ewiki_id, $tabname);
+            $row[] = new tabobject($tabname, $ewbase.'&page='.$tab.'/'.htmlspecialchars($ewiki_id), $tabname);
             if ($ewiki_action == "$tab" or in_array($page, $specialpages)) {
                 $currenttab = $tabname;
             }