all InfoSec news
XSS Attack - Why strip_tags is not enough
Sept. 13, 2023, 8:05 p.m. | Rodrigo Javornik
DEV Community dev.to
In PHP, it is common to use the strip_tags()
function as a way to prevent XSS intrusion. However, this function does not even work to mitigate this type of attack, giving a false sense of security. But why?
What is XSS?
XSS (Cross-Site Scripting) is a form of attack that occurs when an attacker exploits a vulnerability in a web application to insert malicious scripts into its pages. These scripts are executed in the browsers of the application's users and …
attack cross-site function intrusion php programming scripting security what is what is xss work xss
More from dev.to / DEV Community
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Senior Application Security Engineer
@ Austin Community College | HMO99: Field Office - MO Remote Location, Remote City, MO, 65043 USA
Sr. Information Assurance Security Analyst
@ SMS Data Products Group, Inc. | San Antonio, TX, United States
Product Cybersecurity Test Infrastructure Engineer (Remote)
@ SNC-Lavalin | HCT99: Field Office - CT Remote Location, Remote City, CT, 06101 USA