diff --git a/src/controllers/admin/postqueue.js b/src/controllers/admin/postqueue.js index 0105445a90..1812d70e95 100644 --- a/src/controllers/admin/postqueue.js +++ b/src/controllers/admin/postqueue.js @@ -81,7 +81,7 @@ function getQueuedPosts(ids, callback) { }); async.map(postData, function (postData, next) { - postData.data.rawContent = postData.data.content; + postData.data.rawContent = validator.escape(String(postData.data.content)); postData.data.title = validator.escape(String(postData.data.title)); async.waterfall([ function (next) {