From afc80af354c7d4f5bf0bbd12dff76264f0f8cfdb Mon Sep 17 00:00:00 2001
From: Steffen Lange <github@stelas.de>
Date: Thu, 31 Dec 2020 18:49:05 +0100
Subject: [PATCH] Encode HTML chars in RSS feed

---
 PatchFeeder.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/PatchFeeder.php b/PatchFeeder.php
index 45c7ab9..091d829 100644
--- a/PatchFeeder.php
+++ b/PatchFeeder.php
@@ -23,11 +23,11 @@ $db->sort();
 	for ($i = 0; $i < $db->count(); $i++) {
 		$patch = $db->get($i);
 		echo '<item>';
-		echo '<title>' . $patch->getVendor() . ' released ' . $patch->getProduct();
+		echo '<title>' . htmlspecialchars($patch->getVendor()) . ' released ' . htmlspecialchars($patch->getProduct());
 		if (!empty($patch->getBranch()))
-			echo ' ' . $patch->getBranch();
-		echo ' version ' . $patch->getVersion() . '.</title>';
-		echo '<link>' . $patch->getURL() . '</link>';
+			echo ' ' . htmlspecialchars($patch->getBranch());
+		echo ' version ' . htmlspecialchars($patch->getVersion()) . '.</title>';
+		echo '<link>' . htmlspecialchars($patch->getURL()) . '</link>';
 		echo '<pubDate>' . date(DATE_RSS, $patch->getTimestamp()) . '</pubDate>';
 		echo '<guid isPermaLink="false">' . hash('sha256', $patch) . '</guid>';
 		echo '</item>' . "\r\n";