From 86353c1ee8d675b2e986605a384dc596f69d1e02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Estev=C3=A3o=20Soares=20dos=20Santos?= Date: Sat, 30 May 2015 00:13:47 +0100 Subject: [PATCH] docs(README.md): add link to XSS Vulnerability wiki page --- README.md | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 729bc00..5d569a4 100644 --- a/README.md +++ b/README.md @@ -161,14 +161,11 @@ Please visit https://github.com/showdownjs/ngShowdown for more information. ## XSS vulnerability -Showdown doesn't sanitize the input. This is by design since markdown relies on it to allow certain features to be correctly parsed into HTML. This, however, means XSS injection is quite possible. +Showdown doesn't sanitize the input. This is by design since markdown relies on it to allow certain features to be correctly parsed into HTML. +This, however, means XSS injection is quite possible. -If you use showdown to parse untrusted input (such as user contributed data), you should: - - - DEFINITELY sanitize the content but only AFTER converting to HTML, not before. - - PREFERABLY that should be done server side, not client side. - -There are a couple of libraries in the wild for your preferred language. +Please refer to the wiki article [Markdown's XSS Vulnerability (and how to mitigate it)](https://github.com/showdownjs/showdown/wiki/Markdown's-XSS-Vulnerability-(and-how-to-mitigate-it)) +for more information. ## Extensions
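Review bot: The hunk drops the README's only concrete mitigation guidance (sanitize the output AFTER converting to HTML, not the markdown input before, and preferably server side) and replaces it with a bare link to the wiki, so readers of the README alone are left with the warning "XSS injection is quite possible" and no instruction; keep a one-line summary of that advice next to the link, for example "Sanitize the resulting HTML (after conversion, not before), preferably server side; see the wiki article ... for details." Separately, the new link target contains unescaped parentheses and an apostrophe inside a Markdown inline link (`...Markdown's-XSS-Vulnerability-(and-how-to-mitigate-it))`), which several Markdown renderers will cut off at the first `)`; wrap the URL in angle brackets or percent-encode `(` and `)` as `%28` and `%29` so the link renders as intended.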