Closed mayorovp closed 6 years ago
owner.display_name can contain any user-provided text
Steps to reproduce:
<script>alert('XSS!')</script>
owner.display_name can contain any user-provided text
Steps to reproduce:
<script>alert('XSS!')</script>