HTML tags get stripped out from sent messages
When sending messages like test<a>
, HTML tags get stripped out instead of being escaped, resulting in only test
. In unencrypted conversations the message gets sent intact and is only displayed incorrectly, but in encrypted ones it also gets stripped out of the actual message being sent.