Closed LiilyZhang closed 5 years ago
This is from pen-testing report. Check "<" and ">" from PUT body before the API code is executing, to prevent user inject something like html tag. Apply to 1) set destination list, 2) create/update an object API
This is from pen-testing report. Check "<" and ">" from PUT body before the API code is executing, to prevent user inject something like html tag. Apply to 1) set destination list, 2) create/update an object API