Fix XSS in monsters.php, thanks to @gesior

2025-10-14 09:44:55 +02:00 · 2024-05-15 22:18:39 +02:00
parent b2a1675de3
commit 6f209440e0
1 changed files with 1 additions and 1 deletions
--- a/system/pages/monsters.php
+++ b/system/pages/monsters.php
@@ -79,7 +79,7 @@ if (isset($monster['name'])) {
 	));
 } else {
-	echo "Monster with name <b>" . $monster_name . "</b> doesn't exist.";
+	echo "Monster with name <b>" . htmlspecialchars($monster_name) . "</b> doesn't exist.";
 }
 // back button