
XSS Vulnerability in ajax_post.php

Open MehrdadLinux opened this issue 9 years ago • 0 comments

Hi, when I looked at the code I found an XSS vulnerability in ajax_post.php: https://github.com/httpdss/collectd-web/blob/master/media/jqtouch/demos/main/ajax_post.php

```
1 <?php
....
5 if ($_POST["zip"]) {
6     $title = "Zip " . $_POST['zip'];
7 } else {
8     $title = $_POST['movie'];
....
29
...... whiteButton">Submit
```

Line 5 has a vulnerability in the zip POST method. We must control user input, e.g. with ENT_QUOTES, htmlspecialchars.

But I think it is not necessary, and we can remove it or suggest removing it when installing on a server. Thanks for the support.

MehrdadLinux, May 22 '16 08:05
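The escaping the report asks for, as an added example that is not code from the collectd-web repository or from the issue author. It assumes `$title` is later written into the HTML response (that part of the file is elided above); the helper names `h`, `post_string` and `build_title` are hypothetical, and the sample inputs are constructed.

```php
<?php
// Added example: output-encode the title built from $_POST before it reaches HTML.

/** Escape a value for an HTML text node or a quoted attribute value. */
function h(string $value): string
{
    // ENT_QUOTES encodes both ' and "; ENT_SUBSTITUTE replaces invalid UTF-8
    // instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Read a POST field as a string; missing keys and arrays (zip[]=x) become ''. */
function post_string(array $post, string $key): string
{
    $v = $post[$key] ?? '';
    return is_string($v) ? $v : '';
}

/**
 * Mirrors the branch at lines 5-8 of the demo and returns the unescaped title.
 * The demo tests truthiness, so "0" falls through to 'movie' there; here only
 * an empty value does.
 */
function build_title(array $post): string
{
    $zip = post_string($post, 'zip');
    if ($zip !== '') {
        return 'Zip ' . $zip;
    }
    return post_string($post, 'movie');
}

// Constructed sample requests (stand-ins for $_POST).
$samples = [
    ['zip' => '90210'],
    ['zip' => '<script>alert(1)</script>'],
    ['movie' => 'x" onmouseover="alert(1)'],
    ['zip' => ['nested']],
];

foreach ($samples as $post) {
    $title = build_title($post);
    echo 'unescaped: ', $title, PHP_EOL;    // what an unescaped echo would emit
    echo 'escaped:   ', h($title), PHP_EOL; // safe in text and quoted attributes
}
```

Escaping belongs at the point of output, so `build_title` returns the raw value and `h()` is applied where the value is echoed into markup.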