diff --git a/app/views/comment/search.php b/app/views/comment/search.php
index 3a789d8..bcb6037 100755
--- a/app/views/comment/search.php
+++ b/app/views/comment/search.php
@@ -1,7 +1,7 @@
= $this->formTag(['action' => "search"], ['method' => 'get'], function(){ ?>
- = $this->textFieldTag("query", $this->params()->query, ['size' => 40]) ?>
+ = $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 40]) ?>
= $this->submitTag($this->t('.submit')) ?>
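Review bot: Escaping is applied at the call site here (`$this->h($this->params()->query)`) and repeated in the forum, note, pool, tag_alias, tag_implication and wiki hunks, so the protection depends on every view remembering the wrapper. textFieldTag is not shown in this diff. If it does not encode attribute values itself, the fix belongs in the helper, e.g. `htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` where the value attribute is rendered; if it already does, these calls will double-encode and users will see `&amp;` in the search box. Because the value lands inside an HTML attribute, also confirm that h() encodes both quote characters. The form closure opened in this hunk ends outside it.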
diff --git a/app/views/forum/index.php b/app/views/forum/index.php
index f0f0326..c0d6285 100755
--- a/app/views/forum/index.php
+++ b/app/views/forum/index.php
@@ -1,7 +1,7 @@
= $this->formTag(['action' => "search"], ['method' => 'get'], function(){ ?>
- = $this->textFieldTag("query", $this->params()->query, ['size' => 40]) ?>
+ = $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 40]) ?>
= $this->submitTag($this->t('.search')) ?>
diff --git a/app/views/note/search.php b/app/views/note/search.php
index 87046a7..3732eac 100755
--- a/app/views/note/search.php
+++ b/app/views/note/search.php
@@ -1,7 +1,7 @@
= $this->t('.title') ?>
= $this->formTag(['action' => 'search'], ['method' => 'get'], function(){ ?>
- = $this->textFieldTag("query", $this->params()->query, ['size' => '40']) ?> = $this->submitTag($this->t('.search')) ?>
+ = $this->textFieldTag("query", $this->h($this->params()->query), ['size' => '40']) ?> = $this->submitTag($this->t('.search')) ?>
notes) : ?>
diff --git a/app/views/pool/index.php b/app/views/pool/index.php
index 63fec1e..98492b6 100755
--- a/app/views/pool/index.php
+++ b/app/views/pool/index.php
@@ -4,7 +4,7 @@
params()->order) : ?>
= $this->hiddenFieldTag("order", $this->params()->order) ?>
- = $this->textFieldTag("query", $this->params()->query, ['size' => 40]) ?>
+ = $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 40]) ?>
= $this->submitTag($this->t('.search'), ['name' => '']) ?>
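Review bot: The `order` parameter on the line just above the change is still passed to hiddenFieldTag unescaped, although it comes from the same request parameters as `query`. For consistency with this commit it should read `$this->hiddenFieldTag("order", $this->h($this->params()->order))`, unless hiddenFieldTag encodes its value itself, which is not visible here. The surrounding form and the condition on `order` begin outside the hunk.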
diff --git a/app/views/post/moderate.php b/app/views/post/moderate.php
index 81b6808..4cb2a01 100755
--- a/app/views/post/moderate.php
+++ b/app/views/post/moderate.php
@@ -1,5 +1,5 @@
diff --git a/app/views/tag_alias/index.php b/app/views/tag_alias/index.php
index f895989..c2f9f61 100755
--- a/app/views/tag_alias/index.php
+++ b/app/views/tag_alias/index.php
@@ -1,6 +1,6 @@
= $this->formTag([], ['method' => 'get'], function(){ ?>
- = $this->textFieldTag("query", $this->params()->query) ?>
+ = $this->textFieldTag("query", $this->h($this->params()->query)) ?>
= $this->submitTag($this->t('.search')) ?>
= $this->submitTag($this->t('tag_implication.index.search')) ?>
diff --git a/app/views/tag_implication/index.php b/app/views/tag_implication/index.php
index 83f3b42..c90f06f 100755
--- a/app/views/tag_implication/index.php
+++ b/app/views/tag_implication/index.php
@@ -1,6 +1,6 @@
= $this->formTag(['action' => "index"], ['method' => 'get'], function(){ ?>
- = $this->textFieldTag("query", $this->params()->query) ?>
+ = $this->textFieldTag("query", $this->h($this->params()->query)) ?>
= $this->submitTag($this->t('.search')) ?>
= $this->submitTag($this->t('tag_alias.index.search')) ?>
diff --git a/app/views/wiki/_sidebar.php b/app/views/wiki/_sidebar.php
index 9ea6da0..31be661 100755
--- a/app/views/wiki/_sidebar.php
+++ b/app/views/wiki/_sidebar.php
@@ -2,7 +2,7 @@
Search
= $this->formTag(['action' => "index"], ['method' => "get"], function(){ ?>
- = $this->textFieldTag("query", $this->params()->query, ['size' => 20, 'id' => "search-box"]) ?>
+ = $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 20, 'id' => "search-box"]) ?>