While running a security scan for an application, we got an error like "The test successfully embedded a script in the response, which will be executed once the user activates the OnMouseOver function". However, in the response we can see that the script embedded looks like
I cannot see any security threat here; do we need to worry about this? We already have a filter which filters out the < > symbols, so <script> can never be injected.
Please provide your valuable suggestions.
SCJP,SCWCD, Into ATG now!
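
An added example, not part of the original post or the scanned application's code: it writes the same request value into a quoted HTML attribute twice, once through a filter that removes only `<` and `>` and once through attribute-context encoding. The class name, the `q` field and the sample value are constructed for illustration.

```java
public class AttributeEncodingDemo {

    // The filter described in the post: removes only < and >.
    static String stripAngleBrackets(String input) {
        return input.replace("<", "").replace(">", "");
    }

    // Encoder for a quoted HTML attribute value: every character that could
    // end the value or start an entity becomes a character reference.
    static String encodeForHtmlAttribute(String input) {
        StringBuilder out = new StringBuilder(input.length() + 16);
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#x27;"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // True if the value contains no raw quote, so it cannot close the
    // quoted attribute it is written into.
    static boolean staysInsideAttribute(String value) {
        return value.indexOf('"') < 0 && value.indexOf('\'') < 0;
    }

    public static void main(String[] args) {
        // Constructed scanner-style test value; note it contains no < or >.
        String param = "x\" onmouseover=\"alert(1)";

        String filtered = stripAngleBrackets(param);   // unchanged by the filter
        String encoded = encodeForHtmlAttribute(param); // quotes become &quot;

        System.out.println("<input name=\"q\" value=\"" + filtered + "\">");
        System.out.println("  stays inside value: " + staysInsideAttribute(filtered));
        System.out.println("<input name=\"q\" value=\"" + encoded + "\">");
        System.out.println("  stays inside value: " + staysInsideAttribute(encoded));
    }
}
```

In production code a maintained encoder, such as `Encode.forHtmlAttribute` from the OWASP Java Encoder, is preferable to a hand-written one.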