This repository has been archived by the owner on Aug 21, 2019. It is now read-only.
Plugin is vulnerable to xss #12
Labels
Comments
|
+1 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The value from the object is marked as html_safe. I think it should be escaped by default and make the plugin output raw values when this is selected in the options.
The text was updated successfully, but these errors were encountered: