Question

2
Replies
1418
Views
Sankhadeep Banerjee (_SanB4461)
Accenture Technology Services
Architect
Accenture Technology Services
IN
_SanB4461 Member since 2015 23 posts
Accenture Technology Services
Posted: March 15, 2017
Last activity: March 15, 2017
Posted: 15 Mar 2017 5:34 EDT
Last activity: 15 Mar 2017 11:48 EDT
Closed

Cross Site Scripting

Hi - As part of a security testing , one of the vulnerability identified in our system is that they can execute JavaScript alerts from generated URL.

Example : http://XXXXXX:12345/prweb/PRWebLDAP1/Kw_0Z8mslhfshkfhuwL8Q%5B%5B*/!STANDARD/'+alert(50)+'?

Is there any way we can stop executing this alerts even if it's there in url.

I have gone through the articles in PDN related to this but i have not find any resolution/ approach to this problem.

Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.