This repository has been archived by the owner on Dec 2, 2024. It is now read-only.
VULNERABILITY: Arbitrary HTML code execution flaw #200
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
There is a potentially hazardous security vulnerability with the client's markdown parser and/or @ mentions system. This allows arbitrary HTML code to execute, allowing other users to temporarily modify the contents on screen of all currently logged in Meower users, and possibly leading to malicious code execution.
The text was updated successfully, but these errors were encountered: