evazion de289ee5d3 Fix XSS in /artist_versions. ...

1) Put `<script>alert("xss 1")</script>` in the Other Names field in an
   artist entry.
2) Put `<script>alert("xss 2")</script>` in the URLs field.
3) Trick someone into the viewing the history page for that artist.

2014-10-17 15:22:51 -05:00

943 B

Raw Blame History

View Raw