-
Don't use `*.innerHTML =` OR even `+= "something"`. Instead, spawn new HTML elements as described here: https://github.com/Maingron/MainOS/security/code-scanning/1997?query=ref%3Arefs%2Fheads%2Fmaster…
-
At least texts that include decimal encoded characters like `&#234;` for ê break the Tagger and show strange effects during tagging.
-
Hello guys,
Thank you for taking the time to pay attention and help me to solve these questions.
This is the code I'm using to minify my HTML:
```
function sanitize_output($buffer) {
req…
```
-
## Summary:
There is a DOM-based XSS in MarkText allowing arbitrary JavaScript code to run in the context of the MarkText main window. This vulnerability can be exploited if a user copies text from a m…
-
It seems like there are instances where allowing embedding iframes would be desired, like letting users put YouTube videos in a document. There could be an option to allow embedding, maybe also with t…
-
Hi there, thank you for providing this plugin. Though it seems that the underlying `sanitize-html` is generally not made for client-code. I get these errors while trying to use the plugin within nuxt3…
-
## CVE-2020-11023 - Medium Severity Vulnerability
Vulnerable Library - jquery-2.1.3.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.…
-
This was reported by email by a security researcher:
* The getHostname() function in piwik/vendor/piwik/network/src/IP.php does not sanitize the hostname before returning the value.
As describe…
-
- `remark-embedder-core` version: 3.0.1
- `node` version: 18.4.0
- `npm` version: 8.13.0
Relevant code or config
Example in the README.
What you did:
Ran the code.
What happened:
…
-
In this piece of code:
```
if(myproject_BUILD_FUZZ_TESTS)
message(AUTHOR_WARNING "Building Fuzz Tests, using fuzzing sanitizer https://www.llvm.org/docs/LibFuzzer.html")
if (NOT myproject_EN…
```