Actions
Bug #17066
closedCVE-2016-8613 - XSS in live output
Difficulty:
Triaged:
Bugzilla link:
Description
Missed escaping in live output can allow XSS, when the execution code produces a valid HTML/JavaScript code.
Added by Ivan Necas over 8 years ago
Actions
Fixes #17066 - escape the life output properly