Hacker News
by d1b 5557 days ago
I think in the GitHub and Launchpad case the security that a WAF normally offers would have been broken, because the data to trigger the vector did not come through HTTP or HTTPS. I suggest you have a play around with GitHub wikis; they already have 'HTML sanitization' built in.