You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I found this: https://www.pygame.org/project/4210 really old project on the website. It seems like <script> is escaped but <!-- is not on the list page. This breaks the layout of the page. This case is relatively innocent but you can potentially selectively disable arbitrary scripts or page elements using this method to create a real security vulnerability.
The details page gives a 500 error.
Not sure if this is the place for website bugs, please point me to the correct place if this isn't it
The text was updated successfully, but these errors were encountered:
I found this: https://www.pygame.org/project/4210 really old project on the website. It seems like
<script>is escaped but<!--is not on the list page. This breaks the layout of the page. This case is relatively innocent but you can potentially selectively disable arbitrary scripts or page elements using this method to create a real security vulnerability.The details page gives a 500 error.
Not sure if this is the place for website bugs, please point me to the correct place if this isn't it
The text was updated successfully, but these errors were encountered: