Prevent XSS from Confidant API call
What kind of vulnerability is it? Who is impacted? Potential XSS from API calls below: GET /v1/credentials GET /v1/credentials/ GET /v1/archive/credentials/ GET /v1/archive/credentials POST /v1/credentials PUT /v1/credentials/ PUT /v1/credentials//<to_revision> GET /v1/services GET /v1/services/ GET /v1/archive/services/ GET /v1/archive/services PUT /v1/services/ PUT /v1/services//<to_revision> Stored XSS that can only be used as a stored HTML injection. The attacker needs to be authenticated and have privileges to create new credentials, but could use this …