Inconsistent input sanitisation leads to XSS vectors
Background A variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of jQuery.html, there are a whole host of XSS possibilities with specially crafted input to a variety of fields. Impact OMERO.web before 5.11.0 and OMERO.figure befo...