Fixed issue: [security] Minor XSS vulnerability when editing a question

application/controllers/QuestionAdministrationController.php

@@ -117,6 +117,9 @@ public function actionCreate($surveyid)
     public function actionEdit(int $questionId, string $tabOverviewEditor = null)
     {
         $questionId = (int) $questionId;
+        if (!in_array($tabOverviewEditor, ['overview', 'editor'], true)) {
+            $tabOverviewEditor = null;
+        }
 
         /** @var $question Question|null */
         $question = Question::model()->findByPk($questionId);