What potential issues can arise when outputting data in PHP scripts?

One potential issue when outputting data in PHP scripts is the risk of Cross-Site Scripting (XSS) attacks if user input is not properly sanitized. To prevent this, always use functions like htmlspecialchars() to escape special characters before outputting user-generated content.

// Example of how to prevent XSS attacks by sanitizing user input
$user_input = "<script>alert('XSS attack!');</script>";
echo htmlspecialchars($user_input, ENT_QUOTES, 'UTF-8');