I found that is it possible to craft inputs to bypass the HtmlRule sanitizer and achieve XSS. It is not quite clear how to report them without dumping them in a public Github issue, which I'd rather avoid for obvious reasons.
I tried messaging contact@vereyon.nl but got no response - so is there a better way to get in touch?
Hello there,
I found that is it possible to craft inputs to bypass the HtmlRule sanitizer and achieve XSS. It is not quite clear how to report them without dumping them in a public Github issue, which I'd rather avoid for obvious reasons. I tried messaging contact@vereyon.nl but got no response - so is there a better way to get in touch?
Cheers, leeN