Security Risk: XSS Vulnerabilities
coderabbitai opened this issue · comments
In the context of PR #97 (#97), a potential security risk was identified in the function within . The function uses to remove marking from the main content, which introduces potential XSS vulnerabilities.
A static analysis hint suggested considering sanitizing the content or using a more secure method to manipulate the DOM. This issue is to track the evaluation and implementation of a safer approach to updating the DOM in this context.
For more details, see the related comment: #97 (comment)
To ensure the application's security, it's important to implement a process for sanitizing these parameters by escaping special characters (<, >, &, ", ') before their usage.
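The escaping step described above, written out as an added example that is not part of the PR or the project's code. It escapes exactly the five characters named in the issue before untrusted text is interpolated into markup, and shows the textContent alternative for the case where a DOM is available; the helper names (escapeHtml, renderContent, setTextContent) and the sample input are assumptions made for the example.

```javascript
// Added example, not the project's own code.
// Map each of the five characters named in the issue to its HTML entity.
// Using a single regex with a callback means "&" cannot be double-escaped,
// which is the classic bug of chained .replace() calls.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Escape untrusted text so the browser treats it as text, not markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hypothetical helper: when markup must be assembled as a string (for
// example before assigning to innerHTML), escape the untrusted part first.
function renderContent(untrusted) {
  return `<div class="main-content">${escapeHtml(untrusted)}</div>`;
}

// Safer alternative when a DOM element is at hand: textContent assigns the
// string as a text node, so the HTML parser never runs on it at all.
function setTextContent(element, untrusted) {
  element.textContent = String(untrusted);
  return element;
}

// Constructed sample input: text that looks like marking plus the other
// special characters, to show every escape firing.
const sample = `<mark>hello</mark> & "quotes" 'apos'`;
console.log(renderContent(sample));
```

renderContent is the string-building path the issue warns about, made safe by escaping first; setTextContent is the "more secure method to manipulate the DOM" the static-analysis hint asks for, since it avoids markup parsing entirely.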