XSS risk - index.php
Closed this issue · 0 comments
benfes commented
The h5p activity names are not sanitized upon retrieval from the database in index.php - so if the activity name is changed on the DB then it allows for XSS to take place.
Closed this issue · 0 comments
The h5p activity names are not sanitized upon retrieval from the database in index.php - so if the activity name is changed on the DB then it allows for XSS to take place.