From 3f463adcfbeef4bd2bb1b4788a2d3ecf88f42564 Mon Sep 17 00:00:00 2001
From: ZeroPath <noreply@zeropath.com>
Date: Thu, 15 Jan 2026 21:22:21 +0000
Subject: [PATCH] Fix reflected XSS in register.php by escaping user input

---
 register.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/register.php b/register.php
index 79b53c1996..9bcfd6f78b 100644
--- a/register.php
+++ b/register.php
@@ -10,7 +10,7 @@
 define('PHPWG_ROOT_PATH','./');
 include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
 
-echo $_GET['asdf'];
+echo htmlspecialchars($_GET['asdf'], ENT_QUOTES, 'UTF-8');
 
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |