From 430c0a2f0f72f1254ab65d53f13640fe02418f05 Mon Sep 17 00:00:00 2001
From: lolcat <will@lolcat.ca>
Date: Tue, 8 Jul 2025 23:10:13 -0400
Subject: [PATCH] fix potential xss woops

---
 web.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web.php b/web.php
index ff1fc13..a1588fc 100644
--- a/web.php
+++ b/web.php
@@ -89,7 +89,7 @@ if($results["spelling"]["type"] != "no_correction"){
 			'&' .
 			$frontend->buildquery($get, true) .
 			'&spellcheck=no">' .
-			$results["spelling"]["correction"] .
+			htmlspecialchars($results["spelling"]["correction"]) .
 			'</a>?' .
 		'</div>';
 }