In this case, the placeholder highlighted in the code snippet above is replaced with the reviews sent by the user without any validity check. The data is accepted exactly as it is sent, with no control over its validity or safety. The main reason for the XSS vulnerability is therefore the lack of sanitization of the data sent by the user.

The relevant part of the HTML template for the movie page looks as follows:
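The flaw described above next to an output-encoded version, as an added example that is not the original page's template or code; the template string, the `{{reviews}}` placeholder and the function names are assumptions.

```javascript
// Constructed template; the {{reviews}} placeholder name is an assumption.
const TEMPLATE = '<h1>Movie</h1>\n<ul id="reviews">{{reviews}}</ul>';

// Vulnerable: each review is pasted into the page exactly as submitted,
// so any markup in it becomes part of the document.
function renderUnsafe(reviews) {
  const items = reviews.map((r) => `<li>${r}</li>`).join('');
  // A replacer function is used so "$" sequences in the reviews are not
  // interpreted as String.prototype.replace substitution patterns.
  return TEMPLATE.replace('{{reviews}}', () => items);
}

// Encode the five characters that let text break out of HTML element
// content or a quoted attribute value.
function escapeHtml(text) {
  const map = {
    '&': '&amp;',
    '<': '&lt;',
    '>': '&gt;',
    '"': '&quot;',
    "'": '&#39;',
  };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened: every review is encoded at output time, so it is displayed
// as text instead of being parsed as markup.
function renderSafe(reviews) {
  const items = reviews.map((r) => `<li>${escapeHtml(r)}</li>`).join('');
  return TEMPLATE.replace('{{reviews}}', () => items);
}

// Constructed sample input: one ordinary review, one carrying markup.
const SAMPLE_REVIEWS = [
  'Great film & a great cast',
  '<script>alert("xss")</script>',
];

console.log(renderUnsafe(SAMPLE_REVIEWS));
console.log(renderSafe(SAMPLE_REVIEWS));
```

Encoding of this kind fits HTML element content and quoted attribute values; other output contexts, such as script blocks or URLs, need their own encoding.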