New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UI: escape HTML in results display #84

Open

emanuil-tolev opened this issue Apr 14, 2014 · 0 comments

Labels

Milestone

Production or Bust!

Contributor

emanuil-tolev commented Apr 14, 2014

http://oag.cottagelabs.com/lookup/10.1210/en.2012-1913

This is actually a glaring XSS vulnerability, now with the string matcher up.
Check plugin pages and registered publisher pages too.

emanuil-tolev added the enhancement label

richard-jones added this to the Production or Bust! milestone

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment