Closed mjhouse closed 4 years ago
the safe filter in Tera may also un-escape Javascript and allow it to execute.
safe
Verified that this does NOT happen by:
Javascript and <script> tags were included as plain text even with the 'safe' filter.
<script>
the
safe
filter in Tera may also un-escape Javascript and allow it to execute.