Title: Payments Type: Bug Description: The payment instructions setting (manual payment plugin) is not properly escaped. Ensure that it is escaped on display. Milestone: 3.3.0-22 Status: Closed Assignees: No one assigned Labels: Bug Projects: No projects Branches or pull requests: No branches or pull requests Participants: asmecher Milestone Closed: Closed 13 hours ago, 100% complete Key Points: Security Impact: The vulnerability could potentially allow for script injection in the payment instructions. Resolution: The issue was resolved in the milestone 3.3.0-22. Commits: Eight commits were made to fix this issue, targeting various branches and stable versions. Testing: Specific steps to reproduce and expected/actual results are to be determined.