Advisories for Npm/Posthog-Js package

2023

Potential for cross-site scripting in PostHog-js

Impact: Potential for cross-site scripting in posthog-js.

Patches: The problem has been patched in posthog-js version 1.57.2.

Workarounds: This isn't an issue for sites that have a Content Security Policy in place. Using the HTML tracking snippet on PostHog Cloud always guarantees the latest version of the library – in that case no action is required to upgrade to the patched version.

References: We will publish details of the vulnerability …