diff --git a/Classes/Controller/SearchController.php b/Classes/Controller/SearchController.php
index 20df0e9..23b2a42 100644
--- a/Classes/Controller/SearchController.php
+++ b/Classes/Controller/SearchController.php
@@ -14,7 +14,7 @@ class SearchController extends ActionController {
 public function searchAction() {
- $searchString = $this->request->getQueryParams()[($this->settings['parameters']['search'] ?? 'q')];
+ $searchString = htmlspecialchars(strip_tags($this->request->getQueryParams()[($this->settings['parameters']['search'] ?? 'q')]), ENT_QUOTES, 'UTF-8');
 $currentPage = $this->request->getQueryParams()[($this->settings['parameters']['page'] ?? 'p')];
 $currentPage = max(1, $currentPage ? (int)$currentPage : 1);
 $category = $this->request->getQueryParams()[($this->settings['parameters']['category'] ?? 'c')];