Get Started
- CodeAnt AI
- Setup
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Android
- Aws-lambda
- Castor
- Java-jwt
- Jax-rs
- Jboss
- Jdo
- Jedis
- Jjwt
- Jsch
- Kryo
- Lang
- Micronaut
- Mongo
- Mongodb
- Mysql
- Okhttp
- Rmi
- Servlets
- Spring
- Thymeleaf
- Xstream
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Xss
Jsf
Detected an element with disabled HTML escaping. If external data can reach this, this is a cross-site scripting (XSS) vulnerability. Ensure no external data can reach here, or remove ‘escape=false’ from this element.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences
OWASP:
- A
- 0
- 7
- :
- 2
- 0
- 1
- 7
-
- -
-
- C
- r
- o
- s
- s
- -
- S
- i
- t
- e
-
- S
- c
- r
- i
- p
- t
- i
- n
- g
-
- (
- X
- S
- S
- )