Merge pull request #9 from maxfrerichs/bugfix/fix-xss-vulnerability

[BUGFIX] sanitize searchString to prevent XSS attacks.

Classes/Controller/SearchController.php

@@ -14,7 +14,7 @@ class SearchController extends ActionController
 {
     public function searchAction()
     {
-        $searchString = $this->request->getQueryParams()[($this->settings['parameters']['search'] ?? 'q')];
+        $searchString = htmlspecialchars(strip_tags($this->request->getQueryParams()[($this->settings['parameters']['search'] ?? 'q')]), ENT_QUOTES, 'UTF-8');
         $currentPage = $this->request->getQueryParams()[($this->settings['parameters']['page'] ?? 'p')];
         $currentPage = max(1, $currentPage ? (int)$currentPage : 1);
         $category = $this->request->getQueryParams()[($this->settings['parameters']['category'] ?? 'c')];