Open iTitus opened 4 months ago
We are vulnerable to XSS
This might actually not be true, since we use hiccup2 and this defaults to escape strings. However, further investigation (preferably even resulting in an automated test of the templating function(s)) seems appropriate.
We are vulnerable to XSSThis might actually not be true, since we use hiccup2 and this defaults to escape strings. However, further investigation (preferably even resulting in an automated test of the templating function(s)) seems appropriate.