apps/wman/search.tpl: we already filter user input. avoid xss by printing filtered user input instead of unfiltered user input on error.

apps/wman/search.tpl

@@ -6,7 +6,7 @@
 
 % if(! ~ $"post_arg_wman_search '') {
 %   if(~ $"wman_search_results '') {
-        No matches found for <i>'%($post_arg_wman_search%)'</i>.
+        No matches found for <i>'%($s%)'</i>.
 %   }
 %   if not {
         <ul>