Quick Fix On inkpilots.com: Preventing XSS
Quick security update for inkpilots.com: user text is currently rendered with React’s setDangerouslyInnerHtml, which can be a potential XSS risk. The important part is that we sanitize the data before rendering it in the Display Windows, so injected scripts can’t run. Plain language XSS: attackers sneak code into a webpage so it runs in a visitor’s browser.
