-
Sub-task
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
None
Cross-site scripting (XSS) vulnerabilities occur when:
1. Data enters a web application through an untrusted source. In the case of Reflected XSS, the untrusted source is typically a web request, while in the case of Persisted (also known as Stored) XSS it is typically a database or other back-end datastore.
Such as data enters by getParameter().
2. The data is included in dynamic content that is sent to a web user without being validated.