From e7f10d846e4255f6172835df8a0cb3befa56374f Mon Sep 17 00:00:00 2001
From: Igor Scheller <igor.scheller@igorshp.de>
Date: Mon, 29 Apr 2019 23:59:37 +0200
Subject: Escape log messages

---
 includes/pages/admin_log.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php
index 2a736aa5..24903f6d 100644
--- a/includes/pages/admin_log.php
+++ b/includes/pages/admin_log.php
@@ -25,6 +25,7 @@ function admin_log()
     $entries = [];
     foreach ($log_entries as $entry) {
         $data = $entry->toArray();
+        $data['message'] = nl2br(htmlspecialchars($data['message']));
         $data['created_at'] = date_format($entry->created_at, 'd.m.Y H:i');
         $entries[] = $data;
     }
-- 
cgit v1.2.3-54-g00ecf