1 files changed, 2 insertions, 1 deletions

diff --git a/src/lib/utils.ts b/src/lib/utils.ts
index c2a955a..ae0c5f0 100644
--- a/src/lib/utils.ts
+++ b/src/lib/utils.ts
@@ -61,7 +61,8 @@ export function formattingCodeToHtml(formatted: string): string {
                 reset()
             }
         } else {
-            htmlOutput += character
+            // no xss!
+            htmlOutput += character.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')
         }
     }
     reset()