Hi, Can anyone tell me something about <!]>]]> XSS vulnerability? please have a look at the following link. https://www.owasp.org/index.php/Testing_for_XML_Injection_(OWASP-DV-008) It tells something about CDATA section delimiters: <!]> Can anyone elaborate that, with examples? Also is it associated with .xhtml pages? Is it required to handle CDATA "]]>&quo
Forum: XSS Info

Hi Albino, Thanks for the quick reply. Yes, we do want to display the code to the user. In our application, we will be taking user input, then we are encoding the user input with certain characters, which is listed below. Then this encoded value will be inserted in the Database. There are several places in application where we will be displaying this encoded vale i.e. user input, to the user.
Forum: XSS Info

Hi, We are trying to implement security in our application, wherein we need to encode and decode the user inputs. So can anybody please provide me a list of all the characters that are disallowed or dangerous, that I need to encode? For eg. for "<" character we use &lt;, for ">" character we use &gt; so can anybody please tell me if the following ment
Forum: XSS Info