From e8b0f569bdf6659e7cc1a7fcc88949eeaa2d1094 Mon Sep 17 00:00:00 2001
From: Tom Mortensen
Date: Wed, 17 Dec 2025 07:56:11 -0800
Subject: [PATCH] fix: Possible XSS via email test functionality
---
 emhttp/plugins/dynamix/include/SMTPtest.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/emhttp/plugins/dynamix/include/SMTPtest.php b/emhttp/plugins/dynamix/include/SMTPtest.php
index 2d3b2f1e3..9e6854f1c 100644
--- a/emhttp/plugins/dynamix/include/SMTPtest.php
+++ b/emhttp/plugins/dynamix/include/SMTPtest.php
@@ -40,7 +40,7 @@ function PsKill($pid) {
 if (PsExecute("$docroot/webGui/scripts/notify -s 'Unraid SMTP Test' -d 'Test message received!' -i 'alert' -l '/Settings/Notifications' -t")) {
 $result = exec("tail -3 /var/log/syslog|awk '/sSMTP/ {getline;print}'|cut -d']' -f2|cut -d'(' -f1");
 $color = strpos($result, 'Sent mail') ? 'green' : 'red';
- echo _("Test result")."$result";
+ echo _("Test result")."".htmlspecialchars($result)."";
 } else {
 echo _("Test result").": "._('No reply from mail server')."";
 }
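Review bot: The added `htmlspecialchars($result)` call on the `echo _("Test result")` line relies on PHP's default flags, which before PHP 8.1 leave single quotes unescaped and make the function return an empty string when the input contains invalid UTF-8. `$result` is cut out of the last three lines of /var/log/syslog, so neither its quoting nor its encoding is guaranteed; I would pass the flags and charset explicitly, `htmlspecialchars($result, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The markup around the value is not visible in this hunk, so it should be confirmed whether it lands in element content or inside a quoted attribute; the explicit flags are safe for both. Separately, the unchanged `strpos($result, 'Sent mail') ? 'green' : 'red'` test reads a match at offset 0 as a failure, so `strpos(...) !== false` would be the more reliable condition.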