mbraak/django-file-form

Code scanning alert

mbraak opened this issue · 0 comments

mbraak commented

Dom text is reinterpreted as HTML without escaping meta-characters.

msg.innerHTML = `${file.name}: ${this.translations["Invalid file type"]}`