Leonabcd123

#20521 of 53,630
12.5 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1
PT-2025-49173
7.1
2025-12-04
Unknown · Monkeytype · CVE-2025-66563
**Name of the Vulnerable Software and Affected Versions**
Monkeytype versions prior to 25.49.0

**Description**
The software handles user input improperly, potentially allowing an attacker to execute malicious JavaScript code in the browser of users who view a malicious quote submission. The `quote.text` and `quote.source` inputs are inserted directly into the Document Object Model (DOM) without sufficient sanitization. HTML tags within these inputs are therefore rendered, potentially leading to cross-site scripting (XSS).

**Recommendations**
Versions prior to 25.49.0 should be updated.
PT-2025-39404
5.4
2025-09-25
Unknown · Monkeytype · CVE-2025-59838
**Name of the Vulnerable Software and Affected Versions**
Monkeytype versions prior to 25.36.0

**Description**
Improper handling of user input when loading a saved custom text can lead to cross-site scripting (XSS).

**Recommendations**
Update to a version later than 25.36.0.