-
Notifications
You must be signed in to change notification settings - Fork 7.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
XSS when data is passed on to the web application via an API #6270
Comments
It is just a big bug in your application. So you should fix it. |
Thanks for the reply ! |
The document is for CI4, but CI3 also has similar functionality. But CI3 does not have Content Security Policy feature. |
So here's the scenario:
Just wanted to know if this is an accepted risk by default and I have to fix myself or I should send Proof Of Concepts to help you out.
The text was updated successfully, but these errors were encountered: