Closed
Description
I was trying to do some XSS in my project and I got some un-shown text. Which I found out that it was the cause of the script tag that was not escaped.. So I tried doing a v-for loop inside an <option>
tag and use
{{ }}
(Double brackets) to escaped the script tag. I would like to make a pull request sadly bootstrap_vue is using a render less components (I don't really know but it's using render function) which I don't have much knowledge about. So I just submitted an Issue here.
by the way you can replicate the problem using the Live documentation on Bootstrap_vue site.
My browser: Opera
Operating System: Fedora LXDE
Metadata
Metadata
Assignees
Labels
No labels