From a73ac09aaded92074313fa1afd7faab8d9a407cc Mon Sep 17 00:00:00 2001
From: Martin Urbanec <martin.urbanec@wikimedia.cz>
Date: Thu, 9 Sep 2021 22:37:03 +0200
Subject: [PATCH] SECURITY: Fix XSS in SpecialEditGrowthConfig

Bug: T290692
Change-Id: Ibeb13d032ca044af53f6b2334e27b6b97b6f4e9f
---
 includes/Specials/SpecialEditGrowthConfig.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/includes/Specials/SpecialEditGrowthConfig.php b/includes/Specials/SpecialEditGrowthConfig.php
index c38f7375..f19a0d4c 100644
--- a/includes/Specials/SpecialEditGrowthConfig.php
+++ b/includes/Specials/SpecialEditGrowthConfig.php
@@ -218,7 +218,7 @@ class SpecialEditGrowthConfig extends FormSpecialPage {
 	 */
 	protected function preText() {
 		if ( $this->errorMsgKey !== null ) {
-			return $this->msg( $this->errorMsgKey )->text();
+			return $this->msg( $this->errorMsgKey )->escaped();
 		}
 		return '';
 	}
-- 
2.20.1