Former Member
Apr 27, 2015 at 09:27 PM

XSS Filter: How secure are we?

While in production, we came across a recent XSS vulnerability in our application. Our application has all the security patches with the XSS filter. I have 2 questions here:

  1. OOTB, are we using any white-list sanitization?

  2. Why are we relying on blacklist sanitization, as it is highly impractical to identify all possible XSS payloads and this approach is not recommended?