1
 min read

User Controllable HTML Element Attribute (Potential XSS)

This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled.

Summary

This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.

Solution

Validate all input and sanitize output before writing to any HTML attributes.

References

Scan and protect your web application from hackers

Run our automated penetration testing and vulnerability assessment to protect your web application from hackers.

Thank you for registering
Oops! Something went wrong.