From a549327e25b1dfeb7dd95f3b43aea1655fdec376 Mon Sep 17 00:00:00 2001
From: Steffen Lange <github@stelas.de>
Date: Sat, 2 Jan 2021 18:57:01 +0100
Subject: [PATCH] Encode chars in HTML page

---
 PatchViewer.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/PatchViewer.php b/PatchViewer.php
index 0927150..ba59f81 100644
--- a/PatchViewer.php
+++ b/PatchViewer.php
@@ -48,10 +48,10 @@ $db->sort();
 	for ($i = 0; $i < $db->count(); $i++) {
 		$patch = $db->get($i);
 		echo '<tr>';
-		echo '<td>' . $patch->getVendor() . '</td>';
-		echo '<td><a href="' . $patch->getURL() . '">' . $patch->getProduct() . '</a></td>';
-		echo '<td>' . $patch->getBranch() . '</td>';
-		echo '<td>' . $patch->getVersion() . '</td>';
+		echo '<td>' . htmlspecialchars($patch->getVendor()) . '</td>';
+		echo '<td><a href="' . htmlspecialchars($patch->getURL()) . '">' . htmlspecialchars($patch->getProduct()) . '</a></td>';
+		echo '<td>' . htmlspecialchars($patch->getBranch()) . '</td>';
+		echo '<td>' . htmlspecialchars($patch->getVersion()) . '</td>';
 		echo '<td>' . date('Y-m-d', $patch->getTimestamp()) . '</td>';
 		echo '</tr>' . "\r\n";
 	}