XSS in client rendered block templatesrendr
Affected versions of
rendr are vulnerable to cross-site scripting when client side rendering is done inside a
Server side rendering is not affected and is properly escaped.
Update to version 1.1.4 or later.
Have content suggestions? Send them to [email protected]
publishedAdvisory publishedJul 25th, 2016
reportedInitial report by Jon MerrifieldJul 22nd, 2016