.. _2026-02-23-jinja-template-security_release:

=================================================================================
2026-02-23 - Template Security Enhancement
=================================================================================

Release
==================
AgileData.io - Safer Templates: XSS Protection Enabled

**What was happening:**

Jinja templates were running without automatic HTML escaping, creating potential security vulnerabilities if user-provided data contained malicious scripts. While we had no known exploits, this represented an unnecessary security risk.

**What's fixed:**

* Enabled autoescape for all Jinja templates
* User-provided content automatically sanitized
* Cross-site scripting (XSS) protection enabled
* Template security hardened across the platform
* Exception handling warnings addressed

**What this means for you:**

* Your data is more secure from injection attacks
* Platform meets stricter security standards
* No changes to template functionality or appearance
* Enhanced SOC 2 compliance posture
* Peace of mind with hardened security controls

Last Refreshed
===========================
*Doc Refreshed: 2026-02-23*