Error dialogs do not escape HTML from fields
This can easily be tested in password recovery. Other parts of FD might be impacted.
This can cause bugs or allow HTML/javascript injection.
This can easily be tested in password recovery. Other parts of FD might be impacted.
This can cause bugs or allow HTML/javascript injection.