From d1518c24e45515d710d4e488bc33a14027b64194 Mon Sep 17 00:00:00 2001
From: mollux <mattias.michaux@dropsolid.com>
Date: Mon, 23 May 2022 13:52:02 +0200
Subject: [PATCH] Merge pull request from GHSA-jrwm-pr9x-cgq3

---
 app/bundles/InstallBundle/Install/InstallService.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/app/bundles/InstallBundle/Install/InstallService.php b/app/bundles/InstallBundle/Install/InstallService.php
index e56880bbbfd..1749f279750 100644
--- a/app/bundles/InstallBundle/Install/InstallService.php
+++ b/app/bundles/InstallBundle/Install/InstallService.php
@@ -11,6 +11,7 @@
 use Mautic\CoreBundle\Configurator\Step\StepInterface;
 use Mautic\CoreBundle\Helper\CacheHelper;
 use Mautic\CoreBundle\Helper\EncryptionHelper;
+use Mautic\CoreBundle\Helper\InputHelper;
 use Mautic\CoreBundle\Helper\PathsHelper;
 use Mautic\CoreBundle\Release\ThisRelease;
 use Mautic\InstallBundle\Configurator\Step\DoctrineStep;
@@ -464,10 +465,10 @@ public function createAdminUserStep(array $data): array
 
         $encoder = $this->encoder;
 
-        $user->setFirstName($data['firstname']);
-        $user->setLastName($data['lastname']);
-        $user->setUsername($data['username']);
-        $user->setEmail($data['email']);
+        $user->setFirstName(InputHelper::filter($data['firstname']));
+        $user->setLastName(InputHelper::filter($data['lastname']));
+        $user->setUsername(InputHelper::filter($data['username']));
+        $user->setEmail(InputHelper::email($data['email']));
         $user->setPassword($encoder->encodePassword($user, $data['password']));
 
         $adminRole = null;