diff --git a/feed.php b/feed.php
index 229f1156c..5d015c573 100644
--- a/feed.php
+++ b/feed.php
@@ -63,6 +63,8 @@ function ts_to_iso8601($ts)
 // |                            initialization                             |
 // +-----------------------------------------------------------------------+
 
+check_input_parameter('feed', $_GET['feed'], false, '/^[0-9a-z]{50}$/i');
+
 $feed_id= isset($_GET['feed']) ? $_GET['feed'] : '';
 $image_only=isset($_GET['image_only']);