One of the changelog entries for the latest version of Grid Kit is “Security & performance improvements”. Looking at the changes made in that version we saw that various user input was now validated or sanitized. The lack of that at least previously led to a reflected cross-site scripting (XSS) vulnerability.

…

[Read more]