Code vulnerable to cross-site scripting (XSS)

Overview

Cross-site scripting (XSS) attacks cover a broad range of attacks where malicious HTML or client-side scripting is provided to a Web application. The Web application includes malicious scripting in a response to a user of the Web application.

Business Impact

Increased risk of data breaches, financial loss, and reputational harm. Eroding customer trust and confidence.

Is your Salesforce solution affected by Code vulnerable to cross-site scripting (XSS)?

Clayton detects anti-patterns and offers automated fix advice to kickstart your Well-Architected journey.

Scan your solution

Resources

Cross-Site Scripting (XSS)
Secure Coding Cross Site Scripting
Mitigate Cross-Site Scripting
Content Security Policy Cheat Sheet
Cross Site Scripting Prevention Cheat Sheet
Injection
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Incidence

How common is this issue?

22%

lower

Exposure

How long do organizations remain exposed before fixing the problem?

68%

shorter

Frameworks

Trusted

Secure

Session Security

Session Management

A03:2021 – Injection

Found a mistake?

If you think something is incorrect, missing or misleading please let us know.

Report an error