Filter login URLs to prevent XSS attack.

[dsXLII]

My team's security folks found that JavaScript injection was possible via the login form:

/wp-login.php?21c66"> Githubissues.

Githubissues is a development platform for aggregating issues.