We're updating the issue view to help you get more done. 

Fix security breach when viewing messages of ongoing support sessions

Description

Fix security breach when viewing messages of ongoing support sessions. Support users may send dangerous javascript as part of their chat session or use them in their resource (of their full JID). We need to escape the content before displaying it.

Environment

None

Acceptance Test - Entry

None

Assignee

MattM

Reporter

Gaston Dombiak

Labels

None

Expected Effort

None

Ignite Forum URL

None

Fix versions

Affects versions

Priority

Critical
Configure