From b059abf46ddf2cc655a2504e185a2fab3db98380 Mon Sep 17 00:00:00 2001
From: orbisai0security <mediratta01.pally@gmail.com>
Date: Tue, 5 May 2026 08:01:24 +0000
Subject: [PATCH] fix: V-002 security vulnerability

Automated security fix generated by Orbis Security AI
---
 apps/web/src/app/api/feedback/route.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/apps/web/src/app/api/feedback/route.ts b/apps/web/src/app/api/feedback/route.ts
index cd853eeae..84aa0df7c 100644
--- a/apps/web/src/app/api/feedback/route.ts
+++ b/apps/web/src/app/api/feedback/route.ts
@@ -16,7 +16,12 @@ export async function POST(request: NextRequest) {
 		return NextResponse.json({ error: "Too many requests" }, { status: 429 });
 	}
 
-	const body = await request.json();
+	let body: unknown;
+	try {
+		body = await request.json();
+	} catch {
+		return NextResponse.json({ error: "Invalid JSON" }, { status: 400 });
+	}
 	const result = submitSchema.safeParse(body);
 
 	if (!result.success) {