i have problem XSS vulnerability my website on page 404
Open the url PASTE IT HEAR " (wITHOUT QOUTES) open this url and input the following payload "><svg/onload=alert(“XSS”)> You will see an XSS popup
how to fix it !
thank you
i have problem XSS vulnerability my website on page 404
Open the url PASTE IT HEAR " (wITHOUT QOUTES) open this url and input the following payload "><svg/onload=alert(“XSS”)> You will see an XSS popup
how to fix it !
thank you
What version of Yii do you have? Tried updating to latest?
i’m using yii2
Which version exactly?
Hi Vanchienbmt,
Are you using proper encoding when you get data from users?
for example
Html::encode()
If you’re using proper echo and encoding standard then most cases you won’t get XSS attacks…
Happy Coding…