CraSSh vulnerability?

Hi guys,
does someone know about CraSSh vulnerability of Discourse? Is this issue only a browser-side bug or is there any potential risk for modern web services like Discourse?

Is there any recommendable security analysis site, to detect current issues by any kind of security issues? Like Qualys SSL Labs test?


This is limited to being browser-side unless you allow users to edit/add CSS (Discourse doesn’t allow it).