Comment on XSS attempt
reimu 1 year ago
[<span onmouseover="alert('Im in your mainframe :3')">I should not appear as a span</span>](/)
turns into
Comment on XSS attempt
reimu 1 year ago
[<span onmouseover="alert('Im in your mainframe :3')">I should not appear as a span</span>](/)
turns into
reimu 1 year ago
onclick and onmouseover again works in preview, but is sanitized away after submission.
But the child elements added arbitrarily still remain...