-
This markdown editor is vulnerable to XSS attacks, especially the preview feature.
-
See codepen
https://codepen.io/Adam-Skwersky/pen/oNOBXzY
**Steps for Reproduction**
1. Visit [codepen](https://codepen.io/Adam-Skwersky/pen/oNOBXzY)
2. Run the codepen, and quill starts in ed…
-
When I use vue-pdf-app in my Vue Chrome extension, nothing can run because eval is used in the source code.
I get errors like:
`Refused to evaluate a string as JavaScript because 'unsafe-eval' is no…
-
I found multiple XSS Attack vectors that aren't caught by the `isXss` function:
https://github.com/RisingStack/protect/blob/60b0c91e86686d34e5202419ce9ae7e8dc08edcd/lib/rules/xss.js#L4-L13
## tl…
-
As title
-
This lib is vulnerable to XSS attacks if html/javascript is entered as a search term. The lib has many instances of `innerHTML` replacements where `textContent` should be used.
Steps to reproduce:
…
-
They could be considered false positives in modern browsers,
or we should consider them vulnerable.
-
To ensure that all incoming data is validated and sanitized to prevent potential security issues such as SQL injection or XSS attacks.
-
Hi! I have detected that there is an XSS attack that is not prevented. I guess it is because of this code
`
$comments[$Comment->id] = $Comment->attributes;
$CommentListWidget
->getView()
->registerJs('jQuery…
-
Currently we store all our access tokens (be it "normal" ones we issue or the OIDC ones) in the local / session storage (by default in the local storage).
The local storage is [not recommended](https:…