Closed JeroenBoersma closed 2 years ago
The Slider configuration contains the current url, which could be escaped adding a single quote '.
'
This way it was possible to add reflected XSS in the URL For obvious reasons I will not add the URL's used here.
@JeroenBoersma Thanks for your PR. I've merged it and will be releasing a new version in time.
The Slider configuration contains the current url, which could be escaped adding a single quote
'
.This way it was possible to add reflected XSS in the URL For obvious reasons I will not add the URL's used here.