dhis2-devs team mailing list archive

[Ngoc Thanh Nguyen <thanh.hispvietnam@xxxxxxxxx>]

Hi all,

Sorry if this issue is irrelevant but when I tried to insert something
malicious script to dhis2 field, I got it stored, like this:
[image: Inline image 1]

It means that data are not filtered at all. In theory, it has a risk of XSS
attack. How do we prevent that?

Thanh