From 60dd9b704e9889c07b5ead98554256a06662e57b Mon Sep 17 00:00:00 2001 From: Dean Date: Fri, 11 Mar 2022 11:06:05 +0000 Subject: [PATCH] Added html escaping package sanitize-html to prevent injection via the map attribution field --- .../src/components/app/embedded-map/EmbeddedMap.svelte | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/packages/client/src/components/app/embedded-map/EmbeddedMap.svelte b/packages/client/src/components/app/embedded-map/EmbeddedMap.svelte index 692735e9a9..b9fb89f8cb 100644 --- a/packages/client/src/components/app/embedded-map/EmbeddedMap.svelte +++ b/packages/client/src/components/app/embedded-map/EmbeddedMap.svelte @@ -1,5 +1,6 @@