Forum OpenACS Q&A: Response to Bugtraq: cross site scripting

Posted by Jon Griffin on
I haven't tried in a while, but I believe that we are NOT vulnerable since we don't allow most html and the request processor eliminates these problems.

I think there was another thread about this a while ago.