echo command could expose app for script injection sort of...

[jinseok9338]

if you write echo <a href="https://www.google.com"> this is link </a> on your app, it will show this is link that redirect you to google... I was not able to run javascript code but I can see it could potentially lead to script injection. Or may be it's not that big of a deal... I am not sure ...