This issue has been validated on a live customer website (I am a Penetration Tester), and on a Proof-of-Concept React app.
Due to the potential for exploitation on live websites, the payload is not detailed here.
I have reached out directly to @jpuri with the payload and will update the details here when instructed to, or after a reasonable period if responses are not forthcoming.
Feel free to reach out; my goal is to enhance the security of this very useful package.
Thanks!