Impact Area
Security
Severity
High
Affected Element
System property
Rule ID #
SN-0182
Impact #
Input validation has to occur on the application to defend against cross-site scripting attacks which would allow foreign scripts to execute on user session in the logged in browser’s context. This can be leveraged by attackers to steal session information and sensitive data.
Remediation #
Set the system property “glide.ui.escape_text” to true.
Time to fix #
15 min
References #
This rule is linked to Common Weakness Enumeration CWE-150 Improper Neutralization of Escape.
