Remove XSS when add/edit career - refs BT#10295

Author: AngelFQC

main/inc/lib/career.lib.php

@@ -220,6 +220,10 @@ public function get_status($career_id)
      */
     public function save($params, $show_query = false)
     {
+        if (isset($params['description'])) {
+            $params['description'] = Security::remove_XSS($params['description']);
+        }
+
         $id = parent::save($params);
         if (!empty($id)) {
             Event::addEvent(
@@ -249,4 +253,12 @@ public function delete($id)
             api_get_user_id()
         );
     }
+
+    public function update($params) {
+        if (isset($params['description'])) {
+            $params['description'] = Security::remove_XSS($params['description']);
+        }
+
+        parent::update($params);
+    }
 }