Fix XSS injection #103

merged 1 commit into from Nov 4, 2011

2 participants

@antirez antirez merged commit 89cde3a into antirez:master Nov 4, 2011

Thanks for the fix. The XSS is not exploitable since the non escape username is only shown to the user that created the malicious username.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment