Security Issue: Web Application Cross Site Scripting
-
Input is not santized before being output on the screen:
<?php echo $_POST[‘pass1’];?>
<?php echo $_POST[‘pass2’];?>Should be:
<?php echo htmlspecialchars($_POST[‘pass1’]);?>
<?php echo htmlspecialchars($_POST[‘pass2’]);?>
Viewing 4 replies - 1 through 4 (of 4 total)
Viewing 4 replies - 1 through 4 (of 4 total)
- The topic ‘Security Issue: Web Application Cross Site Scripting’ is closed to new replies.
