From 1d73af34bf42764f9f9491c7ba5e9495d70e3ca5 Mon Sep 17 00:00:00 2001
From: Thorsten Rinne <thorsten@phpmyfaq.de>
Date: Sun, 27 Nov 2022 10:51:46 +0100
Subject: [PATCH] fix: added missing conversion to HTML entities

---
 phpmyfaq/admin/index.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/phpmyfaq/admin/index.php b/phpmyfaq/admin/index.php
index bc83627834..312c59daa7 100755
--- a/phpmyfaq/admin/index.php
+++ b/phpmyfaq/admin/index.php
@@ -119,6 +119,7 @@
 if (is_null($action)) {
     $action = Filter::filterInput(INPUT_POST, 'action', FILTER_UNSAFE_RAW);
 }
+$action = Strings::htmlentities($action);
 
 //
 // Get CSRF Token