Systems commonly use markdown for convenience when defining templates for emails or user messages; however, markdown is often seen as benign and not properly escaped. I propose you add a section on markdown injection.
Here are a few things to include:
**this is bold**
*unclosed bold
_this is italics_
_unclosed italics
[this is a link](http://example.com)
[this is a link](javascript:alert(25);)
![An image](http://example.com/image.jpg)
---
* bullet point
You could also add `# a title`, but that would currently break your formatting for comments in `blns.txt`; not sure if you currently have a way around this?
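A sketch of the escaping the issue says is usually missing, added here as an example (it is not code from the issue or from the repository). It assumes a CommonMark-compliant renderer and values interpolated into inline text; `escape_markdown`, `safe_link`, `render_greeting` and the scheme allowlist are hypothetical names, and the sample inputs are the strings listed in the issue.

```python
import re
from urllib.parse import quote, urlsplit

# CommonMark lets any ASCII punctuation character be backslash-escaped,
# so escaping all of them is the conservative choice for untrusted text.
MD_PUNCT = re.compile(r"([!-/:-@\[-`{-~])")
ALLOWED_SCHEMES = {"http", "https", "mailto"}  # assumption: tune per application

def escape_markdown(value: str) -> str:
    """Neutralise untrusted text that will sit in inline Markdown context."""
    # Collapse line breaks first: block syntax (headings, rules, bullets)
    # only triggers at the start of a line.
    value = re.sub(r"[\r\n]+", " ", value).strip()
    return MD_PUNCT.sub(r"\\\1", value)

def safe_link(text: str, url: str) -> str:
    """Emit a Markdown link only for allowlisted schemes; otherwise plain text."""
    url = url.strip()
    if urlsplit(url).scheme.lower() not in ALLOWED_SCHEMES:
        return text if text.isalnum() else escape_markdown(text).replace("\\ ", " ")
    # Percent-encode characters that could close the destination early,
    # such as ')' or a space followed by a second link.
    dest = quote(url, safe=":/?#@!$&'*+,;=%")
    return f"[{escape_markdown(text)}]({dest})"

def render_greeting(display_name: str) -> str:
    """Hypothetical e-mail template with one user-controlled field."""
    return f"Hello **{escape_markdown(display_name)}**, welcome!"

# Sample inputs: the strings proposed in the issue.
PAGE_STRINGS = [
    "**this is bold**", "*unclosed bold", "_this is italics_",
    "_unclosed italics", "[this is a link](http://example.com)",
    "[this is a link](javascript:alert(25);)",
    "![An image](http://example.com/image.jpg)", "---", "* bullet point",
    "# a title",
]

if __name__ == "__main__":
    for s in PAGE_STRINGS:
        print(f"{s!r:50} -> {render_greeting(s)}")
    print(safe_link("this is a link", "javascript:alert(25);"))
    print(safe_link("this is a link", "http://example.com"))
```

Backslash escapes are not honoured inside code spans, code blocks or raw HTML, so a value placed in those contexts needs a different treatment.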