sanitize output to fix XSS vulnerability - Specifically issue #11
POC -
Example of injecting window.location to navigate the administrator from the admin console - Possibilities are endless for this. In this case, I specified my GitHub profile.
(Ignore the errors - Local dev site used for example).
Fix:
Simple addition of htmlentities on the $entry.
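The fix described above, as an added example rather than the project's actual code: a raw echo of `$entry` beside the same output passed through `htmlentities`. The sample entries, the `esc_html()` helper and the `<li>` markup are assumptions; the page itself only names `htmlentities` and `$entry`.

```php
<?php
declare(strict_types=1);

// Constructed sample entries; $entry mirrors the variable named in the fix.
$entries = [
    'Backup finished at 02:00',
    "<script>window.location='https://example.invalid/'</script>",
    'Login by O\'Brien from "office"', // quotes matter inside attributes
];

/** Hypothetical helper: encode a value for HTML text and quoted attributes. */
function esc_html(string $value): string
{
    // ENT_QUOTES encodes both " and '. Before PHP 8.1 the default flag was
    // ENT_COMPAT, which leaves ' untouched, so pass the flags explicitly.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning ''.
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Before: the entry reaches the admin page unencoded. */
function render_unsafe(string $entry): string
{
    return "<li title='" . $entry . "'>" . $entry . '</li>';
}

/** After: the entry is encoded at the point of output. */
function render_safe(string $entry): string
{
    $e = esc_html($entry);
    return "<li title='" . $e . "'>" . $e . '</li>';
}

foreach ($entries as $entry) {
    echo 'raw:     ', render_unsafe($entry), PHP_EOL;
    echo 'encoded: ', render_safe($entry), PHP_EOL;

    // Check: no markup delimiter or quote from the entry survives encoding.
    if (strpbrk(esc_html($entry), "<>\"'") !== false) {
        throw new RuntimeException('entry was not fully encoded');
    }
}
```

`htmlentities` covers HTML text and quoted attribute values only; an entry written into a `<script>` block, a URL or a CSS value needs the encoding for that context instead.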