From 9ab383a82979a22553361d6e06e49fff2c16c36d Mon Sep 17 00:00:00 2001 From: Sophie Alpert Date: Wed, 1 Aug 2018 12:30:22 -0700 Subject: [PATCH] Tweak words slightly --- content/blog/2018-08-01-react-v-16-4-2.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/blog/2018-08-01-react-v-16-4-2.md b/content/blog/2018-08-01-react-v-16-4-2.md index 95f817b8..296cd149 100644 --- a/content/blog/2018-08-01-react-v-16-4-2.md +++ b/content/blog/2018-08-01-react-v-16-4-2.md @@ -77,9 +77,9 @@ Note that only the `react-dom` package needs to be updated. ## Detailed Description -Your app might be affected by this vulnerability only if these two conditions are true: +Your app might be affected by this vulnerability only if both of these two conditions are true: -* Your app is **being rendered to HTML using [ReactDOMServer API](/docs/react-dom-server.html)**. +* Your app is **being rendered to HTML using [ReactDOMServer API](/docs/react-dom-server.html)**, and * Your app **includes a user-supplied attribute name in an HTML tag.** Specifically, the vulnerable pattern looks like this: