Skip to content

XSS - Remove ALL HTML from results #26

New issue
New issue
Open
Open
XSS - Remove ALL HTML from results#26
Labels
bugSomething isn't workinghelp wantedExtra attention is neededsecurityPull requests that address a security vulnerability
@appinteractive

Description

@appinteractive
appinteractive
opened on Nov 27, 2018

There is an issue with Metascraper as they doe no result sanetization so its possible to add scripts via meta tags: https://hackerone.com/reports/309367

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workinghelp wantedExtra attention is neededsecurityPull requests that address a security vulnerability

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions