bu-navigation icon indicating copy to clipboard operation
bu-navigation copied to clipboard

Published 20 hours ago verified publisher icon bu-ist

Label Field allows HTML like an <iframe>, horrible results ensue

Open acketon opened this issue 3 years ago • 2 comments

Client sent a bug: Screen Shot 2022-02-03 at 2 42 52 PM

Found this in the admin: Screen Shot 2022-02-03 at 2 44 34 PM

uh-oh.

Label field should probably sanitize HTML? Or at least only allow a limited subset... certainly not <iframe> Screen Shot 2022-02-03 at 2 44 53 PM

acketon avatar Feb 03 '22 19:02 acketon