From 18294434912d7b91aead51b5d6c425d9d5321692 Mon Sep 17 00:00:00 2001
From: Aselsan <syamsuddine9@gmail.com>
Date: Fri, 19 Jul 2024 04:08:59 +0700
Subject: [PATCH] Escaping content for prevention of XSS attacks.

---
 src/Views/magic_link_form.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Views/magic_link_form.php b/src/Views/magic_link_form.php
index 6bef87a16..7b1ab284a 100644
--- a/src/Views/magic_link_form.php
+++ b/src/Views/magic_link_form.php
@@ -10,12 +10,12 @@
             <h5 class="card-title mb-5"><?= lang('Auth.useMagicLink') ?></h5>
 
                 <?php if (session('error') !== null) : ?>
-                    <div class="alert alert-danger" role="alert"><?= session('error') ?></div>
+                    <div class="alert alert-danger" role="alert"><?= esc(session('error')) ?></div>
                 <?php elseif (session('errors') !== null) : ?>
                     <div class="alert alert-danger" role="alert">
                         <?php if (is_array(session('errors'))) : ?>
                             <?php foreach (session('errors') as $error) : ?>
-                                <?= $error ?>
+                                <?= esc($error) ?>
                                 <br>
                             <?php endforeach ?>
                         <?php else : ?>