From 01f0625d6a177f9c5df9281f12a27c814c2d8bcf Mon Sep 17 00:00:00 2001
From: n1474335
Date: Sun, 14 Apr 2019 22:00:17 +0100
Subject: [PATCH] Fixed XSS in 'Text Encoding Brute Force. Closes #539
---
 src/core/operations/TextEncodingBruteForce.mjs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/operations/TextEncodingBruteForce.mjs b/src/core/operations/TextEncodingBruteForce.mjs
index ee5f70d3..169e6ad7 100644
--- a/src/core/operations/TextEncodingBruteForce.mjs
+++ b/src/core/operations/TextEncodingBruteForce.mjs
@@ -79,7 +79,7 @@ class TextEncodingBruteForce extends Operation {
 let table = "";
 for (const enc in encodings) {
- const value = Utils.printable(encodings[enc], true);
+ const value = Utils.escapeHtml(Utils.printable(encodings[enc], true));
 table += ``;
 }
EncodingValue
${enc}${value}
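Review bot: Only `value` is escaped, while the row template on the next line also interpolates `${enc}` (the table markup is stripped from this page, so this is read from the surviving `${enc}${value}` text). If the keys of `encodings` always come from a fixed internal list that is safe, but the hunk does not show it; either wrap the key as `Utils.escapeHtml(enc)` or add a comment such as `// enc comes from a fixed list of encoding names; value is decoded user input and must be escaped`. Applying `escapeHtml` after `printable` is the right order, since it covers whatever `printable` emits. The enclosing method starts above the hunk, so how `encodings` is built and where `table` is rendered could not be checked; a regression test that passes markup through the operation and asserts the escaped output would keep this from reopening.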