The risk as I understand it is: someone commits an image into a branch on Launchpad (for example) that actually contains malicious content that does a cross-site scripting attack that steals the viewer's Launchpad credentials.
The risk as I understand it is: someone commits an image into a branch
on Launchpad (for example) that actually contains malicious content
that does a cross-site scripting attack that steals the viewer's
Launchpad credentials.