Legal Robot: Code injection

A security researcher discovered that they were able to inject potentially malicious code into Legal Robot's newly created Roadmap page through improper input sanitization when submitting a new Idea for consideration by the community. A limited-scope attack was possible since the input sanitizati...