From d76400797fd04bd33f5a64e5d478a73b43949673 Mon Sep 17 00:00:00 2001
From: GeorgNation <55389952+GeorgNation@users.noreply.github.com>
Date: Fri, 19 Jul 2024 13:18:55 +0600
Subject: [PATCH] =?UTF-8?q?=D1=84=D0=B8=D0=BA=D1=81=20xss?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/Controllers/Api/Profile/Update.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Controllers/Api/Profile/Update.php b/app/Controllers/Api/Profile/Update.php
index 6b2e7e5..d3c0006 100644
--- a/app/Controllers/Api/Profile/Update.php
+++ b/app/Controllers/Api/Profile/Update.php
@@ -27,7 +27,7 @@ class Update
                 }
 
                 if (strpos($key, 'OnMain') === false) {
-                    $dataArray[$paramKey]['value'] = $value;
+                    $dataArray[$paramKey]['value'] = htmlentities($value);
                 }
             }
         }