id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
9930	XSS onLoad error in Source Mode	David Walsh		"There's an XSS flaw in versions 3.6.4 and 4.0.1

Steps to reproduce:

1.  Enter source mode
2.  Add ""<svg><circle onload=confirm(3)>"" somewhere in the code
3.  Click ""Source"" again
4.  View the confirmation popup"	Bug	closed	Normal		General	3.0	fixed	Webkit