fix(auth): JS-encode redirect_to to prevent XSS in auth_callback#1409

Open

failsafesecurity wants to merge 1 commit into

AgentOps-AI:mainfrom

failsafesecurity:fix/find-001-xss-auth-callback-js-injection

Commits on Jun 18, 2026

fix(auth): JS-encode dashboard_url to prevent reflected XSS in auth_callback
Joshua-Medvinsky
committed