On Sat 11 Sep 2021 at 18:11, Jean-Christophe Helary <[email protected]> wrote: > (prin "<" C D " id=\"h" D "-" E "\">") > which would give us: > <h2 id="h2-My heading">My heading</h2>
What if the value of E is something like
"><script>alert('xss');</script>
--
UNSUBSCRIBE: mailto:[email protected]?subject=Unsubscribe
