Issue #1425122 by greggles, CoffeyMachine: page.tpl.php and _rubik_icon_classes have XSS vulnerability