diff --git a/author.php b/author.php
index 7ef4a9d9..18e9df23 100644
--- a/author.php
+++ b/author.php
@@ -11,7 +11,7 @@
         <h3><?php the_author(); ?></h3>
         <div class="description">
             <?php 
-            $description = get_the_author_meta('description');
+            $description = htmlspecialchars(get_the_author_meta('description'), ENT_QUOTES, 'UTF-8');
             echo $description ? nl2br($description) : __("No personal profile set yet", "sakurairo"); 
             ?>
         </div>
@@ -63,4 +63,4 @@
 
 <?php
 get_footer();
-?>
\ No newline at end of file
+?>
diff --git a/style.css b/style.css
index 4b4565f6..d3c3aea7 100644
--- a/style.css
+++ b/style.css
@@ -1577,7 +1577,7 @@ h1.page-title {
   max-width: 70%;
   width: fit-content;
   position: relative;
-  height: 110px;
+  min-height: 110px;
   left: 50%;
   transform: translateX(-50%);
   margin: 10% 0;
@@ -1636,8 +1636,8 @@ h1.page-title {
   font-size: 14px;
   font-weight: var(--global-font-weight);
   text-align: center;
-  overflow: hidden;
-  max-height: 20px;
+  overflow: auto;
+  max-height: 400px;
   height: fit-content;
   margin: 0 10px;
 }
diff --git a/tpl/section-article-function.php b/tpl/section-article-function.php
index 30874829..eba62459 100644
--- a/tpl/section-article-function.php
+++ b/tpl/section-article-function.php
@@ -63,9 +63,12 @@
                 if (empty($author_description)) {
                     $author_description = __('This author has not provided a description.', 'sakurairo');
                 }
+                // 对描述内容进行转义，防止XSS攻击
+    			$safe_description = htmlspecialchars($author_description, ENT_QUOTES, 'UTF-8');
             ?>
                 <div class="desc">
-                    <i class="fa-solid fa-feather" aria-hidden="true"></i><?= $author_description; ?>
+                    <i class="fa-solid fa-feather" aria-hidden="true"></i>
+                    <?php echo nl2br($safe_description);?>
                 </div>
             <?php } ?>
         </section>