On Wed, Sep 15, 2021 at 10:49:00PM +0900, Jean-Christophe Helary wrote:
> > What if the value of E is something like
> >
> > "><script>alert('xss');</script>
>
> You mean n{<script>alert('xss');</script>}?
>
> I don't understand Alex’ answer:
> > In final code this would be written as (ht:Prin E)
>
> but I guess he is right :)

I hope so.

(ht:Prin "><script>alert('xss');</script>")
><script>alert('xss');</script>

☺/ A!ex
