if you write echo <a href="https://www.google.com"> this is link </a> on your app, it will show this is link that redirect you to google... I was not able to run javascript code but I can see it could potentially lead to script injection. Or may be it's not that big of a deal... I am not sure ...
if you write
echo <a href="https://www.google.com"> this is link </a>
on your app, it will show this is link that redirect you to google... I was not able to run javascript code but I can see it could potentially lead to script injection. Or may be it's not that big of a deal... I am not sure ...