w3c / Unicorn

Unicorn - W3C's Unified Validator
https://validator.w3.org/unicorn/

Escape HTML in messages extracted from Validator NU output #212

Closed dontcallmedom closed 3 years ago

dontcallmedom commented 3 years ago

Fix XSS risk

@jean-gui I haven't tested it and am light years away from being in a position to test it, so your help in verifying that this fixes the bug, and in deploying it if it does, would be greatly appreciated.
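The fix described above escapes validator message text before it is placed into Unicorn's HTML output. The following is an added illustration of that pattern and is not code from the Unicorn project: it shows the unsafe rendering (message text concatenated straight into markup, so markup echoed back by the validator from the checked document ends up live in the page) next to the hardened version. The class name, the `escapeHtml` helper and the sample messages are all constructed for this example.

```java
import java.util.List;

// Added example, not Unicorn's own code: escaping text taken from an external
// validator's output before it is embedded in an HTML response.
public class EscapeValidatorMessages {

    // Minimal HTML escaping, safe for element text content and for
    // double-quoted attribute values (the five characters that matter there).
    static String escapeHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Unsafe rendering: the message text is treated as markup. A message that
    // quotes a tag from the checked document injects that tag into the report.
    static String renderUnescaped(List<String> messages) {
        StringBuilder sb = new StringBuilder("<ul class=\"messages\">\n");
        for (String m : messages) {
            sb.append("  <li>").append(m).append("</li>\n");
        }
        return sb.append("</ul>").toString();
    }

    // Hardened rendering: every message is escaped, so quoted markup is shown
    // literally to the user instead of being interpreted by the browser.
    static String renderEscaped(List<String> messages) {
        StringBuilder sb = new StringBuilder("<ul class=\"messages\">\n");
        for (String m : messages) {
            sb.append("  <li>").append(escapeHtml(m)).append("</li>\n");
        }
        return sb.append("</ul>").toString();
    }

    public static void main(String[] args) {
        // Constructed sample messages in the style of a markup validator; the
        // second one echoes a tag found in the document that was checked.
        List<String> messages = List.of(
            "Element \"foo\" not allowed as child of element \"body\".",
            "Bad value \"<script>alert(1)</script>\" for attribute \"href\"."
        );

        System.out.println("--- unescaped (tag becomes live markup) ---");
        System.out.println(renderUnescaped(messages));
        System.out.println("--- escaped (tag is displayed as text) ---");
        System.out.println(renderEscaped(messages));

        // Sanity check: no raw angle brackets from message text survive escaping.
        String safe = renderEscaped(messages);
        if (safe.contains("<script>")) {
            throw new AssertionError("escaping failed");
        }
    }
}
```

The important property is that the escaping happens at the point where untrusted text is written into an HTML context, regardless of how trustworthy the validator itself is: the validator faithfully quotes the document it was asked to check, and that document is under the control of whoever submitted it.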

echo0x00 commented 3 years ago

@dontcallmedom @jean-gui I was the one who reported the vulnerability. I'm sorry if my words are inappropriate. But I was unable to deploy the Unicorn and check the suggested edits. Everything worked perfectly; XSS with my payloads is no longer observed. HTML is escaped. You can check it here: http://80.211.182.47:8081/unicorn/

dontcallmedom commented 3 years ago

@savproga many thanks for verifying the patch! I'll work with @jean-gui in getting it deployed then.