Security updates

May 25th, 2023 | Minor

HTML is now sanitized before rendering in any rich text editors. Unsupported elements will now be represented with uneditable boxes in rich text editors, to prevent cross-site scripting attacks and to help avoid cases where team members may accidentally destroy custom markup. See this article for more details about how this works and best practices for custom markup in rich text content.


  • HTML is now sanitized before loading in the rich text editor.


  • Renaming a folder in CloudCannon no longer causes a sync error.
  • Patched security vulnerabilities.
Open in a new tab