shane-tomlinson
commented
11 years ago @ozten - After thinking about this more, I cannot see an obvious XSS attack here.
Closed shane-tomlinson closed 11 years ago
shane-tomlinson
commented
11 years ago @ozten - After thinking about this more, I cannot see an obvious XSS attack here.
ozten
commented
11 years ago Cool!
Ya, I guess if someone gets access to your admin panel, they could directly do bad things w/o going to the trouble of XSS.
shane-tomlinson
commented
11 years ago Closing, I merged this manually.
@ozten, can you see if this works for you?
I am uncomfortable with this change because it means that somebody who can gain access to the admin panel of the site could XSS the users.
fixes #47