fix potential xss woops

2025-07-08 23:10:13 -04:00
parent 8bea7758f0
commit f7db6ba295
1 changed files with 1 additions and 1 deletions
--- a/src/web.php
+++ b/src/web.php
@ -84,7 +84,7 @@ if($results["spelling"]["type"] != "no_correction"){
 			'&' .
 			$frontend->buildquery($get, true) .
 			'&spellcheck=no">' .
-			$results["spelling"]["correction"] .
+			htmlspecialchars($results["spelling"]["correction"]) .
 			'</a>?' .
 		'</div>';
 }