Category:Extensions with XSS vulnerabilities/en

These extensions are known to contain cross-site scripting (XSS) vulnerabilities, which expose users to malicious client code injection that could be used to, among other things, hijack user accounts or expose cookies to foreign domains.

It is advised that these are not used on a public, production wiki until the issues are addressed.

To add an extension to this list, tag it with $template.