CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as <, >, and & that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.
Official CWE-80 definition at MITREImpactr finds and proves weaknesses like CWE-80 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist