Client_DOM_Stored_XSS issue exists @ webgoat-lessons/client-side-filtering/src/main/resources/js/clientSideFiltering.js in branch main
The method $.get embeds untrusted data in generated output with innerHTML, at line 38 of webgoat-lessons\client-side-filtering\src\main\resources\js\clientSideFiltering.js. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.
Similarity ID: 1309736706
Severity: High
CWE:79
Vulnerability details and guidance
Checkmarx
Training Recommended Fix
Lines: 17
Code (Line #17):