Modif suggested by Kazuhiko to avoid SQL injection vulnerability

bt5/erp5_dms/SkinTemplateItem/portal_skins/erp5_dms/Base_zGetImplicitPredecessorValueList.xml

@@ -86,7 +86,7 @@ FROM\n
       AND <dtml-var "query[\'where_expression\']">\n
       </dtml-if>\n
       AND\n
-        MATCH(SearchableText) AGAINST(<dtml-let reference="\'%s\' % reference"><dtml-sqlvar reference type=string></dtml-let> IN BOOLEAN MODE)\n
+        MATCH(SearchableText) AGAINST(<dtml-sqlvar reference type=string> IN BOOLEAN MODE)\n
       AND\n
         <dtml-sqltest reference op=ne type=string>\n
     ORDER BY reference, language_order DESC, version DESC, revision DESC\n