Description
The two main vectors for XSS attacks are plugins (via the titles/descriptions in the manifest or config schema) and an imported configuration. Verify the Island UI is safe from XSS attacks from these two vectors.
Pay special attention to any uses of dangerouslySetInnerHTML.
Tasks
Description
The two main vectors for XSS attacks are plugins (via the titles/descriptions in the manifest or config schema) and an imported configuration. Verify the Island UI is safe from XSS attacks from these two vectors.
Pay special attention to any uses of
dangerouslySetInnerHTML.Tasks