| Ãë¾àÁ¡ID |
210148 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
ÀÚ¹Ù ½ºÅ©¸³Æ® Ŭ¶óÀ̾ðÆ® ÂÊ »ç¿ë ½Ã .innerText »ç¿ëÀº ÀÚµ¿À¸·Î text¸¦ ÀÎÄÚµùÇÒ ¶§ ¹ß»ýÇÏ´Â XSS ¹®Á¦Á¡À» ¹æÁöÇÑ´Ù.
* Âü°í »çÀÌÆ®:
https://www.owasp.org/index.php/AJAX_Security_Cheat_Sheet#Use_.innerText_instead_of_.innerHtml
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
¸ðµç HTTP ¼¹ö ¸ðµç ¹öÀü
¸ðµç ¿î¿µÃ¼Á¦ ¸ðµç ¹öÀü |
| ÇØ°áÃ¥ |
ÀÚ¹Ù ½ºÅ©¸³Æ® Ŭ¶óÀ̾ðÆ® ÂÊ »ç¿ë ½Ã, .innerHtml ´ë½Å¿¡ .innerText¸¦ »ç¿ëÇÏ¿©¾ß ÇÑ´Ù. |
| °ü·Ã URL |
(CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
