From 2a43a3a4463c26013068f83974acb3b13387f5ca Mon Sep 17 00:00:00 2001
From: Julian Merkle
Date: Sun, 25 Mar 2018 17:29:15 +0200
Subject: [PATCH] Fix reflected XSS in list_rankup.php
---
 stats/list_rankup.php | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/stats/list_rankup.php b/stats/list_rankup.php
index 846c953..0fc3c48 100644
--- a/stats/list_rankup.php
+++ b/stats/list_rankup.php
@@ -144,6 +144,8 @@ if(!isset($_GET["user"])) {
 $user_pro_seite = preg_replace('/\D/', '', $_GET["user"]);
 }
 
+$getstring = htmlspecialchars($getstring);
+
 $start = ($seite * $user_pro_seite) - $user_pro_seite;
 
 if ($keysort == 'active' && $keyorder == 'asc') {
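Review bot: The added `htmlspecialchars($getstring)` call relies on the default flags, which before PHP 8.1 leave single quotes unescaped, so a value echoed into a single-quoted attribute could still break out of it. Passing the flags and charset explicitly, `$getstring = htmlspecialchars($getstring, ENT_QUOTES, 'UTF-8');`, removes that dependency on the runtime version. The line also overwrites the variable in place, so any later non-HTML use of `$getstring` (a query or a URL parameter, if there is one) would receive the entity-encoded text; escaping at each output point instead would keep the raw value intact. Where `$getstring` is assigned and where it is printed are both outside this hunk, so both points need checking against the full file.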