mention not just a problem for Vector

2016-08-27 00:13:56 +01:00
parent efc5462131
commit e06caa9ca1
1 changed files with 1 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -26,7 +26,7 @@ Important Security Note
 We do not recommend running Vector from the same domain name as your Matrix
 homeserver.  The reason is the risk of XSS (cross-site-scripting) vulnerabilities
 that could occur if someone caused Vector to load and render malicious user generated
-content from a Matrix API which then had trusted access to Vector due
+content from a Matrix API which then had trusted access to Vector (or other apps) due
 to sharing the same domain.

 We have put some coarse mitigations into place to try to protect against this situation,