Hi all, Sorry if this issue is irrelevant but when I tried to insert something malicious script to dhis2 field, I got it stored, like this: [image: Inline image 1]
It means that data are not filtered at all. In theory, it has a risk of XSS attack. How do we prevent that? Thanh
<<image.png>>
_______________________________________________ Mailing list: https://launchpad.net/~dhis2-devs Post to : dhis2-devs@lists.launchpad.net Unsubscribe : https://launchpad.net/~dhis2-devs More help : https://help.launchpad.net/ListHelp
