From 46651564af827c8453ef886c7735590416590071 Mon Sep 17 00:00:00 2001 From: GAURAV singh Date: Thu, 25 Jun 2026 01:08:32 +0530 Subject: [PATCH 1/2] SECURITY: add XSS bug --- src/render.js | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 src/render.js diff --git a/src/render.js b/src/render.js new file mode 100644 index 0000000..ea0ce21 --- /dev/null +++ b/src/render.js @@ -0,0 +1,3 @@ +function renderUserInput(html) { + document.getElementById('output').innerHTML = html; +} From 667af7bd91e37a013748a1235f1fd4d181161cd5 Mon Sep 17 00:00:00 2001 From: GAURAV singh Date: Thu, 25 Jun 2026 01:18:08 +0530 Subject: [PATCH 2/2] Apply AI-generated fixes - src/render.js: Added a check to ensure the output element exists before attempting to set its innerHTML, preventing potential runtime errors. --- src/render.js | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/render.js b/src/render.js index ea0ce21..dd5ba35 100644 --- a/src/render.js +++ b/src/render.js @@ -1,3 +1,8 @@ function renderUserInput(html) { - document.getElementById('output').innerHTML = html; + const outputElement = document.getElementById('output'); + if (outputElement) { + outputElement.innerHTML = html; + } else { + console.error('Output element not found'); + } }