From de040b66a5f2507fba12528533986893816af80a Mon Sep 17 00:00:00 2001
From: Julian Merkle
Date: Tue, 27 Mar 2018 00:06:47 +0200
Subject: [PATCH] Fix reflected XSS vulnerability
---
 webinterface/bot.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/webinterface/bot.php b/webinterface/bot.php
index 9061fe2..74cd2b5 100644
--- a/webinterface/bot.php
+++ b/webinterface/bot.php
@@ -129,7 +129,7 @@ if(isset($_POST['logfilter']) && in_array('debug', $_POST['logfilter'])) {
 $inactivefilter .= "DEBUG,";
 }
 if(isset($_POST['logfilter'][0])) {
- $filter2 = $_POST['logfilter'][0];
+ $filter2 = htmlspecialchars($_POST['logfilter'][0]);
 $_SESSION[$rspathhex.'logfilter2'] = $filter2;
 }
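Review bot: The `htmlspecialchars()` call on the added line relies on the default flags, which before PHP 8.1 leave single quotes unencoded, so the value is still unsafe if it is later printed inside a single-quoted attribute; the place where `$filter2` is output lies outside this hunk and should be checked. Passing the flags and charset explicitly removes the dependency on the PHP version: `$filter2 = htmlspecialchars($_POST['logfilter'][0], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The entity-encoded string is also what gets stored in `$_SESSION[$rspathhex.'logfilter2']`, so any non-HTML use of the filter sees the encoded text; escaping at the point of output would keep the stored value raw and cover every path that prints it. An `is_string($_POST['logfilter'][0])` guard before the call would also avoid a warning (a TypeError on PHP 8) when the element is posted as a nested array.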