| VID |
210148 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
Client Side (Javascript)
- The use of .innerText will prevent most XSS problems as it will automatically encode the text.
* References:
https://www.owasp.org/index.php/AJAX_Security_Cheat_Sheet#Use_.innerText_instead_of_.innerHtml
* Platforms Affected:
Any HTTP server Any version
Any operating system Any version |
| Recommendation |
Client Side (Javascript)
- Use .innerText instead of .innerHtml. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
