Title: A3 Cross-site Scripting (XSS)  
Owner: Former user
Creator: Former user Aug 02, 2016
Last Changed by: Former user Feb 27, 2017
Tiny Link: (useful for email) https://pentaho-public.atlassian.net/wiki/x/XIFARQ
Export As: Word · PDF  
Labels
There are no labels assigned to this page.
Time Editor  
Feb 27, 2017 03:55 Former user View Changes
Migration of unmigrated content due to installation of a new plugin
Feb 27, 2017 03:55 Former user View Changes
Migrated to Confluence 4.0
Feb 27, 2017 03:55 Former user View Changes
Nov 02, 2016 10:29 Former user View Changes
Nov 02, 2016 09:40 Former user  
Outgoing Links
External Links (28)
    https://search.maven.org/
    https://www.owasp.org/index.php/OWASP_Java_Encoder_Project
    owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/ow…
    https://rawgit.com/OWASP/java-html-sanitizer/master/distrib…
    web-in-security.blogspot.de/2016/03/xml-parser-evaluation.h…
    www.owasp.org/index.php/ASVS
    https://www.owasp.org/index.php/AJAX_Security_Cheat_Sheet
    https://www.owasp.org/index.php/OWASP_JSON_Sanitizer
    lists.owasp.org/pipermail/owasp_sonarqube/2015-March/000023…
    https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_S…
    https://github.com/OWASP/java-html-sanitizer/blob/master/sr…
    https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_…
    www.owasp.org/index.php/Reviewing_Code_for_Cross-site_scrip…
    https://github.com/OWASP/java-html-sanitizer/blob/master/do…
    https://www.owasp.org/index.php/Avoid_the_JavaScript_Protoc…
    https://github.com/twitter/secureheaders
    www.owasp.org/index.php/Cross-site_Scripting_(XSS)
    www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Preventi…
    https://www.owasp.org/index.php/3rd_Party_Javascript_Manage…
    https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_P…
    https://www.owasp.org/images/c/c5/Unraveling_some_Mysteries…
    https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Ch…
    www.owasp.org/index.php/ESAPI
    https://github.com/hackvertor/MentalJS
    cwe.mitre.org/data/definitions/79.html
    www.owasp.org/index.php/Testing_for_Data_Validation
    ha.ckers.org/xss.html
    https://github.com/cure53/DOMPurify