mirror of
https://github.com/zulip/zulip-desktop.git
synced 2025-11-14 10:57:44 +00:00
d69c1339e6
This commit fixes a security bug which was caused by using innerHTML and not doing proper HTML escaping. Ideally, we should be doing proper HTML escaping for any data we get from the server to avoid XSS attack. We already handle realm icon and url very well, the realm description was not handled previously but this commit now fixes this in a right way.
18 KiB
18 KiB