$searchTerm = (isset($request->get('search_entry')['term']) ? $request->get('search_entry')['term'] : '');
$currentRoute = (null !== $request->query->get('currentRoute') ? $request->query->get('currentRoute') : '');
- $sortBy = $request->get('sort', 'id');
- $direction = $request->get('direction', 'DESC');
+ $sortBy = 'id';
+ if (in_array($request->get('sort', 'id'), ['id', 'created_at', 'title', 'updated_at'], true)) {
+ $sortBy = $request->get('sort', 'id');
+ }
+
+ $direction = 'DESC' === $request->get('direction') ? 'DESC' : 'ASC';
switch ($type) {
case 'search':
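Review bot: The new `$direction` line silently changes the default sort order: when the `direction` parameter is absent, `$request->get('direction')` is null, so the ternary yields 'ASC', while the removed line defaulted to 'DESC'. The comparison is also case-sensitive, so a request sending `desc` now sorts ascending. If the old default is meant to survive, keep the allow-list but invert the test: `$direction = 'ASC' === $request->get('direction', 'DESC') ? 'ASC' : 'DESC';`. It would also help to add a comment above the `in_array` check such as `// allow-list: sort/direction are request-controlled and presumably end up in the ORDER BY clause, so only known column names may pass`, so the list is not loosened later. The enclosing method starts and ends outside the visible lines, so the use of `$sortBy` and `$direction` in the query cannot be confirmed from here.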