Hi all, I've gone ahead and created the issue that was discussed on the call at https://gitlab.com/ckan/ckan-security/issues/17 It turns out it is potentially even worse than it sounds (see end of comment about unauthenticated API endpoints). Unless anyone has strong objections, I am going to go ahead and work on this using python-markdown. Cheers Ross