fix xss vulnerability

2024-07-19 16:07:21 -04:00 · 2024-07-19 16:07:21 -04:00 · 3c15a4f4aa
commit 3c15a4f4aa
parent b8249b80dc
1 changed files with 1 additions and 1 deletions
--- a/EmperorPalpatine/VM.cs
+++ b/EmperorPalpatine/VM.cs
@ -64,7 +64,7 @@ public class VM
            await cvm.SendChat($"@{username} No messages found for {args[0]}");
            return;
        }
-        await cvm.SendXSSChat($"\"{chat[0].Message}\" - {chat[0].Username}");
+        await cvm.SendXSSChat($"\"{WebUtility.HtmlEncode(chat[0].Message)}\" - {chat[0].Username}");
    }

    private void CvmOnConnectionClosed(object? sender, EventArgs e)