3s3s / opentrade

OpenTrade - Open Source Cryptocurrency Exchange
MIT License

fix(index.js): apply encodeURI() on old message text to fix DOM-based XSS #337

Closed: Marshall-Hallenbeck closed 4 years ago

Marshall-Hallenbeck commented 4 years ago

fix for CVE-2020-6847

Disclosed to Ivan via email and filed CVE on 1/10/2020.