Development Security

HTML

Link with target=”_blank” and rel=”noopener noreferrer” still vulnerable

<a href="mailto:{{ object.user.email }}" target="_blank" rel="noopener noreferrer">
  {{ object.user.email }}
</a>