From 42a8346d2d0eabb12c8a9ac9650fabf03b841a57 Mon Sep 17 00:00:00 2001
From: barisusakli
Date: Mon, 26 Sep 2016 17:00:47 +0300
Subject: [PATCH] closes #5051

---
 src/controllers/unread.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/controllers/unread.js b/src/controllers/unread.js
index c610b91723..4f0b40bf38 100644
--- a/src/controllers/unread.js
+++ b/src/controllers/unread.js
@@ -3,6 +3,7 @@
 var async = require('async');
 var querystring = require('querystring');
+var validator = require('validator');
 
 var categories = require('../categories');
 var privileges = require('../privileges');
@@ -18,7 +19,7 @@ var validFilter = {'': true, 'new': true, 'watched': true};
 unreadController.get = function(req, res, next) {
 	var page = parseInt(req.query.page, 10) || 1;
 	var results;
-	var cid = req.query.cid;
+	var cid = validator.escape(String(req.query.cid));
 	var filter = req.params.filter || '';
 
 	if (!validFilter[filter]) {
@@ -85,7 +86,7 @@ unreadController.get = function(req, res, next) {
 		return filter && filter.selected;
 	})[0];
 
-	data.querystring = req.query.cid ? ('?cid=' + req.query.cid) : '';
+	data.querystring = cid ? ('?cid=' + cid) : '';
 
 	res.render('unread', data);
 	});
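Review bot: `String(req.query.cid)` in the second hunk turns an absent cid into the literal string `"undefined"`, which is truthy, so the new `cid ? ('?cid=' + cid) : ''` in the third hunk emits `?cid=undefined` for every request that omits the parameter, where the removed line emitted an empty string. Anything else in unreadController.get that consumes `cid` (the body continues outside both hunks) now receives the non-empty string `"undefined"` instead of `undefined`, which may change its behaviour too. Guard before converting, e.g. `var cid = req.query.cid ? validator.escape(String(req.query.cid)) : '';`, and if a category id is always numeric here, `parseInt(req.query.cid, 10) || 0` would validate rather than merely escape it. If Express parses a repeated `cid` parameter into an array, `String()` joins the values with commas, so the validation step should also reject or reduce non-scalar input.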
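Review bot: In the third hunk `cid` has been HTML-escaped but is then spliced into a URL query string, which is the wrong encoding for that context: characters such as `&`, `/` or quotes become HTML entities inside the link instead of percent-encoded octets, so the link can still be malformed while the value is only safe against one injection context. The file already requires `querystring` (first hunk), so build the URL part as `data.querystring = req.query.cid ? ('?' + querystring.stringify({cid: req.query.cid})) : '';` (or use `encodeURIComponent`) and leave HTML escaping to the template output, which is the layer that actually renders `data.querystring`. Keeping one encoding per context also makes the fix for #5051 easier to reason about when `cid` is reused elsewhere in the function.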