Shopping Cart

No products in the cart.

Quality Clouds Community
Quality Clouds Community
View Categories

“Allow Javascript tags in Embedded HTML” Property Should Be Disabled

Table of Contents
Impact Area

Security

Severity

High

Affected Element

System property

Rule ID #

SN-0197

Impact #

Journal fields have the ability to render text enclosed within code tags as HTML. There is an associated security risk, since any malicious user can write JS code that may be executed on a different client browser after the journal fields are rendered.

Remediation #

Set the glide.ui.security.codetag.allow_script property to false to disable support for embedding Javascript tags using the [code] tag.

Time to fix

15 min

References #

This rule is linked to Common Weakness Enumeration CWE-150 Improper Neutralization of Escape.

What are your Feelings

Powered by BetterDocs

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups

Please allow a few minutes for this process to complete.

Report

You have already reported this .