I've noticed that in several of the updated templates, the ' escape_html ' has not been used when calling values. eg: modify_success.html
Is it only certain values that are at risk or have the others just been missed?
Is it only certain values that are at risk or have the others just been missed?