Search Fix Guides

1 result(s) for "JavaScript injected"

HTML Escaping Removed, Creating XSS Vulnerability

After Cursor refactored your template rendering code, HTML escaping was removed or disabled. User input is now rendered as HTML instead of being escaped, cre...

cursor security