CraSSh vulnerability?

Hi guys,
does someone know about CraSSh vulnerability of Discourse? Is this issue only a browser-side bug or is there any potential risk for modern web services like Discourse?

https://cras.sh/

Is there any recommendable security analysis site, to detect current issues by any kind of security issues? Like Qualys SSL Labs test?

Best!

This is limited to being browser-side unless you allow users to edit/add CSS (Discourse doesn’t allow it).

4 Likes