Jump to content

XSS Issue


Jonah0037

Recommended Posts

Hello,

Recently, we have had a few people attempt to XSS our site to prevent usage, and what is happening is they are running scripts on our site with script tags that are being inputted in the Registration page. We've been trying to figure out how we can escape or sanitize these inputs to essentially remove the scripts tag(s), so the code won't run. 

 

Any ideas or thoughts would be greatly appreciated!

Link to comment
Share on other sites

11 hours ago, ProAvia said:

Have a look at this link: https://paragonie.com/blog/2015/06/preventing-xss-vulnerabilities-in-php-everything-you-need-know

Or Goggle... preventing cross site scripting in php

Thanks! Currently, we're attempting to implement CSP (Content Security Policy) to prevent inline javascript from running, so we're hopeful this will solve our issue.

Edited by Jonah0037
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...