Skip to content

0.18.3

Compare
Choose a tag to compare
@colinodell colinodell released this 21 Mar 22:52
0.18.3
b1ec41c

This is a security update release.

Changed

  • XML/HTML entities in attributes will no longer be preserved when rendering (#353)

Fixed

  • Fix XSS vulnerability caused by improper preservation of entities when rendering (#353)

Deprecated

  • Deprecated the $preserveEntites argument of Xml::escape() for removal in the next release (#353)