User controllable script source

  1. Web Vulnerabilities
  2. User controllable script source
Description
  • The src parameter for one script tag from this page is dirrectly controlled by user input. An attacker who can control the reference location to a JavaScript source file can load a script of their choice into an application.
Remediation
  • Your script should properly sanitize user input. Do not allow user-input to control script source location references.
Severity
Classification
Tags
Related Vulnerabilities