Urgent help. for xss cross-site scripting, I scanned a high-risk vulnerability when scanning a website with 360 security detection. List. php? Pid = 6 & quot; alert (42873); & quot; when I use ie to enter the url, it will prompt that the url is not executed, but this should still be potentially dangerous, right? How should we avoid it ?, Htmlspecialchars urgent help, about xss cross-site scripting
I scanned a high-risk vulnerability when I used 360 security detection to scan the website.
List. php? Pid = 6 "; alert (42873 );"
When I use ie to enter the url, a prompt will be displayed.
Although it is not executed, it is still potentially dangerous?
How should we avoid it?
------ Solution --------------------
Htmlspecialchars ()
------ Solution --------------------
How do you use the $ _ GET operation?
If it is a threat, it still comes in through $ _ GET.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.