Open ccd0 opened 9 years ago
The way posts are retrieved from the archives allows a malicious archive to inject Javascript into the page through the name, subject, and various other fields. Fortunately this is much less scary with #341 fixed.
The way posts are retrieved from the archives allows a malicious archive to inject Javascript into the page through the name, subject, and various other fields. Fortunately this is much less scary with #341 fixed.