diff --git a/app/admin_service.py b/app/admin_service.py
index 5ca93c2..57f5e38 100644
--- a/app/admin_service.py
+++ b/app/admin_service.py
@@ -56,9 +56,9 @@ def article():
     
     _articles = get_page_articles(_cur_page, _page_size)
     for article in _articles:   # 获取每篇文章的title
-        article = escape(article)
-        article.title = article.text.split("\n")[0]
-        article.content = '<br/>'.join(article.text.split("\n")[1:])
+        text = escape(article.text) # Fix XSS vulnerability, contributed by Xu Xuan
+        article.title = text.split("\n")[0]
+        article.content = '<br/>'.join(text.split("\n")[1:])
     
     context = {
         "article_number": _article_number,