From d798b0dec93cb1e0a7c7b4c1f14d85c756cf3aba Mon Sep 17 00:00:00 2001
From: Tobias Fella <fella@posteo.de>
Date: Wed, 1 Nov 2023 22:04:30 +0100
Subject: [PATCH] HTML-escape mentions

---
 src/actionshandler.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/actionshandler.cpp b/src/actionshandler.cpp
index 20507753b..a562e93f7 100644
--- a/src/actionshandler.cpp
+++ b/src/actionshandler.cpp
@@ -75,7 +75,7 @@ QString ActionsHandler::handleMentions(QString handledText, QList<Mention> *ment
         }
         handledText = handledText.replace(mention.cursor.anchor(),
                                           mention.cursor.position() - mention.cursor.anchor(),
-                                          QStringLiteral("[%1](https://matrix.to/#/%2)").arg(mention.text, mention.id));
+                                          QStringLiteral("[%1](https://matrix.to/#/%2)").arg(mention.text.toHtmlEscaped(), mention.id));
     }
     mentions->clear();