Fixed potential XSS on locations

2025-10-17 17:07:57 +01:00
parent b1ef3f51cb
commit 23feb64b5a
1 changed files with 1 additions and 1 deletions
--- a/resources/macros/macros.php
+++ b/resources/macros/macros.php
@@ -31,7 +31,7 @@ Form::macro('countries', function ($name = 'country', $selected = null, $class =

    // If the country value doesn't exist in the array, add it as a new option and select it so we don't drop that data
    if (!array_key_exists($selected, $countries_array)) {
-        $select .= '<option value="' . $selected . '" selected="selected" role="option" aria-selected="true">' . $selected .' *</option> ';
+        $select .= '<option value="' . e($selected) . '" selected="selected" role="option" aria-selected="true">' . e($selected) .' *</option> ';
    }

    $select .= '</select>';