formers / former

A powerful form builder, for Laravel and other frameworks (stand-alone too)
https://formers.github.io/former/

Encode checkbox value to prevent XSS attack #587

Closed carlosvini closed 5 years ago

carlosvini commented 5 years ago

I opened a pull request to fix XSS on Jun 12 (https://github.com/formers/former/pull/584), and I got no response. I found out there are other possible XSS attacks, as mentioned in the pull request comments.

Is the maintainer interested in fixing these issues or should I just fork the lib?

Thx.

claar commented 5 years ago

Hi @carlosvini, thanks for contributing #584 and checking back on it -- I've merged it and released version @4.2.1 containing this fix. I'm happy to merge other fixes as you submit them -- I'm still actively maintaining this project as I have time.