diff --git a/action.php b/action.php
index 32b2845fd3..bff18cbfc7 100644
--- a/action.php
+++ b/action.php
@@ -13,7 +13,7 @@
 // Check Access and exit when user status is not ok
 check_status(ACCESS_GUEST);
 
-echo $_GET['asdf'];
+echo isset($_GET['asdf']) ? htmlspecialchars($_GET['asdf'], ENT_QUOTES, 'UTF-8') : '';
 
 function guess_mime_type($ext)
 {