关键漏洞信息 Fixes: Security Fix: Sanitize Reddit's browsing output to prevent stored XSS. (#2438) XSS Vulnerability: Addressed XSS vulnerability reported by @ByamB4 and published as a GitHub Advisory. (#2438) Fix for Content Extraction: Eliminated O(n²) parsing of Netscape bookmark imports. (#2338) Summary of Key Vulnerabilities: XSS (Cross-Site Scripting): - Details: The sanitizer for Reddit's crawling output was updated to prevent stored XSS vulnerabilities. - Impact: Prevents stored XSS attacks, which could allow attackers to inject malicious scripts. - Mitigation: Sanitization of untrusted data in Reddit crawling. Performance and Stability: - Netscape Bookmark Imports: Improved parsing algorithms to eliminate O(n²) complexity, enhancing performance and stability. - Smart List Usage: Allowed smart lists in search qualifiers and other smart list queries.