G

elements classes are not removed from blog body when cleaned

Element classes should be removed from blog body (except the one explicitly set by the backend), as it could lead to potential security issues (using web frontend CSS could lead to unexpected behaviour, like simulating a password field).

id

389

author

Goffi

created

06/07/2021, 17:31

updated

06/07/2021, 17:31

labels
blog security
type
bug
status
queued
priority
normal
milestone
0.7
severity
normal