Administration -> Search Terms:
Search terms are not properly escaped; the same issue exists on the frontend page of the example client. It appears cSecurity::toString is used here, and the table below shows that everything from an unterminated "<" onward is dropped instead of being escaped. Using stripslashes() on the input may be wrong, too: whether it is correct depends on the value of $cfg['simulate_magic_quotes'], and that simulation is itself wrong on PHP 5.3 because it does not take magic_quotes_sybase into account (with magic_quotes_sybase on, a single quote is escaped by doubling it rather than with a backslash, and stripslashes() reverses that form accordingly). For database purposes, escaping with the database driver's own escape function is better than relying on the magic-quotes form.
Search term  | Shown term
"test<"      | "test"
"tes<1"      | "tes"
"test< 22"   | "test < 22"
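The loss shown in the table, reproduced and contrasted with escaping on output. This is an added example, not Contenido code. It assumes the observed behaviour matches PHP's strip_tags(), which drops a "<" followed by a non-space character together with everything up to the next ">" or the end of the string; whether cSecurity::toString does exactly that internally is not confirmed by this report, strip_tags() is used here only to reproduce the symptom. The function names and the sample terms are constructed for the illustration.

```php
<?php
// Added example (not Contenido code). ASSUMPTION: strip_tags() reproduces the
// symptom in the table; cSecurity::toString internals are not confirmed here.

/** Lossy sanitising on input: what the search form appears to do. */
function sanitizeSearchTermLossy($term)
{
    return strip_tags($term);
}

/** Keep the raw term and escape it for the HTML context only when rendering. */
function renderSearchTerm($term)
{
    // ENT_QUOTES escapes both quote kinds, so the result is also safe inside
    // an attribute value such as value="..."; the charset must be explicit on
    // PHP 5.3, whose default was ISO-8859-1.
    return htmlspecialchars($term, ENT_QUOTES, 'UTF-8');
}

// Constructed sample input: the three searches from the table above plus an
// attribute break-out attempt, which contains no "<" and therefore passes
// strip_tags() untouched.
$samples = array('test<', 'tes<1', 'test< 22', '" onmouseover="alert(1)');

printf("%-26s | %-26s | %s\n", 'Search term', 'strip_tags() (lossy)', 'htmlspecialchars() (safe)');
foreach ($samples as $term) {
    printf("%-26s | %-26s | %s\n",
        $term,
        sanitizeSearchTermLossy($term),
        renderSearchTerm($term));
}
```

Run with `php example.php`. The first three rows show the search term being truncated before it is ever displayed; the fourth row shows that stripping tags on input does nothing for the attribute context, while escaping on output renders every term intact and safe in both element content and attribute values.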
Tasks to do:
Make sure $cfg['simulate_magic_quotes'] takes magic_quotes_sybase into account (when it is on, escape a single quote by doubling it instead of prefixing a backslash, so that the later stripslashes() round-trips).
Escape characters on output with the HTML escape functions (htmlspecialchars() or htmlentities()), not just a hand-picked set of special characters, instead of stripping them from the input.
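A magic-quotes simulation that honours magic_quotes_sybase, plus a round-trip check and the driver-side alternative for database use. This is an added example, not Contenido code, and the function names are assumptions for the illustration. It relies on PHP 5.3 behaviour: with magic_quotes_sybase=On, addslashes() doubles single quotes and turns NUL into \0 while leaving backslashes and double quotes alone, and stripslashes() collapses '' back to ' without stripping backslashes; with it Off, the usual backslash escaping applies. On PHP 5.3 the flag is read with ini_get('magic_quotes_sybase'); on PHP 5.4 and later the setting no longer exists, so the example takes it as a parameter.

```php
<?php
// Added example (not Contenido code). Function names are assumptions.

/** Escape one scalar the way magic_quotes_gpc would under the given mode. */
function simulateMagicQuotesScalar($value, $sybase)
{
    if ($sybase) {
        // Sybase style: NUL -> \0, ' -> '' ; backslash and " are untouched.
        return str_replace(array("\0", "'"), array('\\0', "''"), $value);
    }
    // Default style, same character set as addslashes(); backslash first so
    // the backslashes introduced by the later replacements are not doubled.
    return str_replace(array('\\', "'", '"', "\0"),
                       array('\\\\', "\\'", '\\"', '\\0'), $value);
}

/** Inverse with stripslashes() semantics for the same mode. */
function unescapeMagicQuotesScalar($value, $sybase)
{
    if ($sybase) {
        return str_replace(array("''", '\\0'), array("'", "\0"), $value);
    }
    return stripslashes($value);
}

/** Walk a request array ($_GET, $_POST, ...) recursively. */
function simulateMagicQuotes(array $input, $sybase)
{
    $out = array();
    foreach ($input as $key => $value) {
        $out[$key] = is_array($value)
            ? simulateMagicQuotes($value, $sybase)
            : simulateMagicQuotesScalar($value, $sybase);
    }
    return $out;
}

// Constructed request data with every character the two modes treat differently.
$raw = array('q' => "O'Reilly \\ \"quoted\"");

foreach (array(false, true) as $sybase) {
    $escaped = simulateMagicQuotes($raw, $sybase);
    $back    = unescapeMagicQuotesScalar($escaped['q'], $sybase);
    printf("magic_quotes_sybase=%s escaped=%s round_trip_ok=%s\n",
        $sybase ? 'On' : 'Off', $escaped['q'],
        var_export($back === $raw['q'], true));
}

// For the database, use the raw (unescaped) value and let the driver do the
// escaping, here through a bound parameter on an in-memory SQLite database.
// Neither magic-quotes form is SQL escaping for an arbitrary driver.
if (class_exists('PDO') && in_array('sqlite', PDO::getAvailableDrivers())) {
    $pdo  = new PDO('sqlite::memory:');
    $stmt = $pdo->prepare('SELECT :term AS term');
    $stmt->execute(array(':term' => $raw['q']));
    echo 'driver round-trip: ', $stmt->fetchColumn(), "\n";
}
```

The point of the pairing is consistency: whatever form the simulation produces must be the form the later stripslashes() (or this example's inverse) expects under the current magic_quotes_sybase setting, otherwise a doubled quote survives into the application as two characters, or a backslash is stripped that was never added. Undo the simulation before handing the value to the database layer so the driver escapes the real input once.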