This PR applies a patch sent by Edx to fix a possible cross-site scripting (XSS) vulnerability in edx-platform studio course and library page.
Without this patch, it was possible to execute scripts if they are present in error messages on courses and library page, as a result, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser.
This PR applies a patch sent by Edx to fix a possible cross-site scripting (XSS) vulnerability in edx-platform studio course and library page.
Without this patch, it was possible to execute scripts if they are present in error messages on courses and library page, as a result, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser.