alt Hacker NewsThe report is kind of concerning to read, particularly having XSS in this kind of app. The report was not meant to be exhaustive and fixing those vulns isn't some kind of implicit tick of approval.
The report is kind of concerning to read, particularly having XSS in this kind of app. The report was not meant to be exhaustive and fixing those vulns isn't some kind of implicit tick of approval.
It's from October 2025, lots of issues have been fixed since then. At least you're more informed and can decide whether you'd like to use it accordingly. Compare that to most projects which are complete unknowns.