Xss Questions

Ad
Ad
Ad

Handlebarsjs "smart" escape

Is there is any way to setup some sort of settings for handlebars escape so it omit particular tags? or if there is any set of helpers that can do

Is this vulnerable to XSS?

I know this is vulnerable as a hacker could embed an image that visits the site url and do all sorts with the 'message' parameter:
Ad

Blog Categories

Ad