diff --git a/files/routes/awards.py b/files/routes/awards.py
index 80bc8fe344..b67cc78bf1 100644
--- a/files/routes/awards.py
+++ b/files/routes/awards.py
@@ -626,6 +626,8 @@ def admin_userawards_post(v):
 		if key not in AWARDS: continue
 
 		if value:
+			
+			if int(value) > 10: abort(403)
 
 			if int(value) > 0: notify_awards[key] = int(value)
 
diff --git a/files/routes/comments.py b/files/routes/comments.py
index 89c28801ff..aeef1b3e84 100644
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@@ -179,7 +179,7 @@ def api_comment(v):
 		file.save(name)
 		url = request.host_url[:-1] + process_image(name)
 		
-		body += f"\n![]({url})"
+		body += f"\n\n![]({url})"
 
 	body_html = sanitize(CustomRenderer().render(mistletoe.Document(body)))
 
@@ -673,7 +673,7 @@ def edit_comment(cid, v):
 			file.save(name)
 			url = request.host_url[:-1] + process_image(name)
 
-			body += f"\n![]({url})"
+			body += f"\n\n![]({url})"
 			body_md = CustomRenderer().render(mistletoe.Document(body))
 			body_html = sanitize(body_md)