hackmdio / codimd

CodiMD - Realtime collaborative markdown notes on all platforms.
https://hackmd.io/c/codimd-documentation
GNU Affero General Public License v3.0

potential XSS in vimeo embed #1792

Closed galaxian85 closed 1 year ago

galaxian85 commented 1 year ago

Accessing videoid directly has a potential XSS risk

jackycute commented 1 year ago

Thanks @galaxian85, this should fix https://github.com/hackmdio/codimd/issues/1774

jackycute commented 1 year ago

Thanks @galaxian85