Fix XSS injection #103

Merged
merged 1 commit into from Nov 4, 2011

2 participants

@antirez antirez merged commit 89cde3a into antirez:master Nov 4, 2011
@antirez
Owner

Thanks for the fix. The XSS is not exploitable since the non escape username is only shown to the user that created the malicious username.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment