-
Story
-
Resolution: Not an issue
-
Neutral
-
None
-
5.2
While all content is already protected at least when using STK where everything is wrapped in HTMLEncodingNodeWrapper there is no similar protection for any info that is coming via request parameters. Such params should be escaped as well.
Acceptance criteria