From 43efb2dfc97f9f5236eead2c8dc44628fcf5a697 Mon Sep 17 00:00:00 2001
From: Bozhidar Slaveykov <bobi@microweber.com>
Date: Mon, 14 Feb 2022 11:20:14 +0200
Subject: [PATCH] Update FieldsManager.php

---
 src/MicroweberPackages/CustomField/FieldsManager.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/MicroweberPackages/CustomField/FieldsManager.php b/src/MicroweberPackages/CustomField/FieldsManager.php
index c4df99fe343..ec6dbf42e4a 100644
--- a/src/MicroweberPackages/CustomField/FieldsManager.php
+++ b/src/MicroweberPackages/CustomField/FieldsManager.php
@@ -3,6 +3,7 @@
 namespace MicroweberPackages\CustomField;
 
 use MicroweberPackages\CustomField\Fields\Text;
+use MicroweberPackages\Helper\XSSSecurity;
 use function Matrix\trace;
 use MicroweberPackages\CustomField\Events\CustomFieldWasDeleted;
 use MicroweberPackages\CustomField\Fields\Address;
@@ -305,6 +306,9 @@ public function save($fieldData)
             return false;
         }
 
+        $xssClean = new XSSSecurity();
+        $fieldData = $xssClean->clean($fieldData);
+
         if (isset($fieldData['copy_of']) and $fieldData['copy_of']) {
 
             $existing = array();