secure-code-warrior-for-github[bot]
commented
1 week ago Micro-Learning Topic: Cross-site scripting (Detected by phrase)
Matched on "Cross-site scripting"
Cross-site scripting vulnerabilities occur when unescaped input is rendered into a page displayed to the user. When HTML or script is included in the input, it will be processed by a user's browser as HTML or script and can alter the appearance of the page or execute malicious scripts in their user context.
Try a challenge in Secure Code Warrior
Helpful references
- Prevent Cross-Site Scripting (XSS) in ASP.NET Core - A detailed Microsoft article on how to prevent cross-site scripting in ASP.NET Core.
- OWASP Cross Site Scripting (XSS) Software Attack - OWASP community page with comprehensive information about cross site scripting, and links to various OWASP resources to help detect or prevent it.
- OWASP Cross Site Scripting Prevention Cheat Sheet - This article provides a simple positive model for preventing XSS using output encoding properly.
Severity: Medium Vulnerability Description: Cross-site scripting More Details: https://github.com/Karthiktests/demo-csharp/security/code-scanning/20 State: open Updated At: 2024-09-05T18:07:57Z Created At: 2024-09-05T18:07:56Z