XSS Injection in Copilot VSCode suggestions #129576
Unanswered
GoombaProgrammer
asked this question in
Copilot
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Select Topic Area
Bug
Body
Hello, I found a bug in the VSCode copilot suggestions menu.
If you create a text file, (not a html) file, open it in VSCode and type:
```
<html>
(with the ```)
then press CTRL+Enter to complete it, it will not sanitize the HTML generated, showing a, for example, form in the suggestion box
Example:
Beta Was this translation helpful? Give feedback.
All reactions