From 6f209440e013545025bbe7f4ecf40010ec47d40e Mon Sep 17 00:00:00 2001
From: slawkens <slawkens@gmail.com>
Date: Wed, 15 May 2024 22:18:39 +0200
Subject: [PATCH] Fix XSS in monsters.php, thanks to @gesior

---
 system/pages/monsters.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/pages/monsters.php b/system/pages/monsters.php
index 17252438..8ba07acc 100644
--- a/system/pages/monsters.php
+++ b/system/pages/monsters.php
@@ -79,7 +79,7 @@ if (isset($monster['name'])) {
 	));
 
 } else {
-	echo "Monster with name <b>" . $monster_name . "</b> doesn't exist.";
+	echo "Monster with name <b>" . htmlspecialchars($monster_name) . "</b> doesn't exist.";
 }
 
 // back button