From 36eb076648ebe5d3ba0224facef3fc91d8b72dff Mon Sep 17 00:00:00 2001
From: Nahakiole <robin.glauser@gmail.com>
Date: Sat, 7 Nov 2015 10:44:44 +0100
Subject: [PATCH] Fixing XSS security issue.

---
 editor/editor.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/editor/editor.php b/editor/editor.php
index 623d5cb..d8689d0 100644
--- a/editor/editor.php
+++ b/editor/editor.php
@@ -52,7 +52,7 @@ if (isset($_GET['debug'])) {
 	<script type="text/javascript" src="/Mergely/lib/searchcursor.js"></script>
 
 	<script type="text/javascript">
-        var key = '<?php echo $key; ?>';
+        var key = '<?php echo htmlspecialchars($key, ENT_QUOTES, 'UTF-8'); ?>';
         var isSample = key == 'usaindep';
     </script>