[core] Fixed passive XSS vulnerability

Reference: https://www.openbugbounty.org/reports/1140367/
Eugene Molotov 2020-10-26 15:07:20 +05:00
parent 164b407f28
commit 93cdf5e342

@ -129,7 +129,7 @@ EOD;
* @return string The searchbar
*/
private static function getSearchbar() {
$query = filter_input(INPUT_GET, 'q');
$query = filter_input(INPUT_GET, 'q', FILTER_SANITIZE_SPECIAL_CHARS);
return <<<EOD
<section class="searchbar">
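Review bot: The escaping on the `filter_input(INPUT_GET, 'q', FILTER_SANITIZE_SPECIAL_CHARS)` line is applied when the parameter is read, not where `$query` is written into the heredoc, so the fix only holds while every later use of `$query` is an HTML context. Consider reading the raw value and calling `htmlspecialchars($query, ENT_QUOTES, 'UTF-8')` at the point of interpolation, or at least add a comment on this line stating that `$query` is already HTML-encoded so it is not encoded a second time or reused in a non-HTML context. The visible lines do not show where `$query` lands inside the `<section class="searchbar">` markup, so confirm it sits in a quoted attribute value or in element text, which are the contexts this filter covers.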