Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
komarevtsev2017-07-21 09:38:05
JavaScript
komarevtsev, 2017-07-21 09:38:05

XSS on page for internal use?

I want to use <code> tag in internal use page to view user data.
How much will this tag protect against xss?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
S
Stalker_RED, 2017-07-21
@Stalker_RED

If there is no escaping or filtering besides the <code> tag, then it will not help at all. Nobody hinders to write </c⁠ode>alert(1);
And if there is a normal screening of an output that and <code> is not obligatory.

Report
S
sim3x, 2017-07-21
@sim3x

No
sanitizing of user input is done before saving to the database

Similar questions
W
wawaso2017-04-22 19:10:19
How do sites work where you can see your history of downloaded torrents? 4Reply
I
Ilya2019-09-24 16:49:03
Laravel: socialite-mailru works great, but mail.ru doesn't redirect to redirect_url, why? 2Reply
S
SiQo2021-04-09 16:56:05
Why are styles not set through a pseudo-class? 4Reply
C
coolfusion2015-05-21 14:14:26
An example of the implementation of a singly linked list in C #, It's not clear where the Netx property of the Head object comes from? 2Reply
A
Arxad2021-04-15 13:27:26
How to bind objects created in a Django form? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question