CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Official CWE-79 definition at MITREImpactr finds and proves weaknesses like CWE-79 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist