View allAll Photos Tagged ApplicationSecurity
We have frequently come across cross-site scripting vulnerability (more about XSS) in input fields where HTML special characters are not sanitized. However, these days most developers are aware of this vulnerability and diligently filter user-supplied inputs in forms and URLs.
For More details: blog.entersoftsecurity.com/vulnerability-xss-in-image-name