typecho
typecho copied to clipboard
Fix unsafe use of jQuery .html()
.html()
can introudce cross-site-scripting (XSS) vulnerabilities with strings from untrusted sources. Use .text()
instead or sanitize the input.