A note regarding HTML titles <script>alert("EXPLOIT!!!!")</script>

Posted by herronjo at 7:44 PM on 4/21/2018 EST:

So it has come to my attention that I have forgotten to sanitize titles on the app and website, only on the home screen. Whoops. However, due to CSP on the website, it is completely harmless. There is a script tag embedded in this title, and it does not run. So it's all cool. Also, I'm fixing image uploading and fixing this too.

˄ 0  ˅ 0

Comments:
herronjo
You were never at risk of anything.



EncloCreations
Fix the id issue herronjo
Log in to post a comment!