embedd icon indicating copy to clipboard operation
embedd copied to clipboard

Published 20 hours ago verified publisher icon tgallant

HTML is embedded without escaping (possible XSS)

Open alexey-milovidov opened this issue 3 years ago • 0 comments

It looks like our website https://clickhouse.tech/blog/en/ is using your script to embed comments from Hacker's News. It leads to possible XSS and broken HTML markdown.

alexey-milovidov avatar May 18 '21 23:05 alexey-milovidov