Fix XSS in monsters.php, thanks to @gesior

2025-04-26 17:29:21 +02:00 · 2024-05-15 22:18:39 +02:00 · 2024-05-15 22:18:39 +02:00 · 6f209440e0
commit 6f209440e0
parent b2a1675de3
1 changed files with 1 additions and 1 deletions
--- a/system/pages/monsters.php
+++ b/system/pages/monsters.php
@ -79,7 +79,7 @@ if (isset($monster['name'])) {
 	));
 } else {
-	echo "Monster with name <b>" . $monster_name . "</b> doesn't exist.";
+	echo "Monster with name <b>" . htmlspecialchars($monster_name) . "</b> doesn't exist.";
 }
 // back button