- Level: MasterPosts: 475
Hi Brajesh,
What version of Magnific are you using?
- (BuddyDev Team)Posts: 25057
Hi George,
Thank you for pointing.
I don’t think we will be affected by this but I am going to check it one more time(we have proper input/output serialization and js/html is not allowed for normal roles).Regards
Brajesh - (BuddyDev Team)Posts: 25057
Hi George,
In our case, all the contents are sanitized before saving(BuddyPress handles commenting/post sanitization of activity entries) and we do not do much with the input. For the output, we have partially sanitized as the assumption is all inputs were sanitized while recording.This will only be problematic if something was imported via a script without using MediaPress functions. For now, I don’t see any reason for us to worry about it. I will update the lightbox in next release too.
Regards
Brajesh
You must be logged in to reply to this topic.