Fixes #13 XSS in comment box

Starpaul20 · Feb 23, 2018 · 4ee2a2e · 4ee2a2e
1 parent 0313d7a
commit 4ee2a2e
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/arcade.php b/arcade.php
@@ -1096,6 +1096,8 @@
 		exit;
 	}
 
+	$score['comment'] = htmlspecialchars_uni($score['comment']);
+
 	$plugins->run_hooks("arcade_edit_end");
 
 	eval("\$edit = \"".$templates->get("arcade_edit", 1, 0)."\";");