Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
None
-
None
-
None
Description
As a minor security precaution, we should consider validating the paramName argument passed into shindig.container.util.getParamValue to prevent regex's being passed in that might overbroadly match context.