all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

XSS Attack - Why strip_tags is not enough

Add to bookmarks
Sept. 13, 2023, 8:05 p.m. | Rodrigo Javornik

DEV Community dev.to

In PHP, it is common to use the strip_tags() function as a way to prevent XSS intrusion. However, this function does not even work to mitigate this type of attack, giving a false sense of security. But why?





What is XSS?


XSS (Cross-Site Scripting) is a form of attack that occurs when an attacker exploits a vulnerability in a web application to insert malicious scripts into its pages. These scripts are executed in the browsers of the application's users and …

attack cross-site function intrusion php programming scripting security what is what is xss work xss

Visit resource

More from dev.to / DEV Community

Quantum Computing and the Looming Threat to Our Privacy: A Deep Dive an hour ago | dev.to
browsing computing cryptography deep dive +27
ecto's cast/4 function explained 3 hours ago | dev.to
casting data def ecto +11
How To Use IServiceCollection In Console Applications – What You Need To Know 6 hours ago | dev.to
applications article asp asp.net core +11
Take the Edge of My MacBook Pro 6 hours ago | dev.to
can coding diy down +16
How to update outdated npm packages 7 hours ago | dev.to
command date default dependencies +13
Python Security Essentials for Your Apps 8 hours ago | dev.to
accounts applications apps bitcoin +29
What Is Vulnerability Remediation? 8 hours ago | dev.to
attackers building can conflict +16
MFA AWS VIA TERMINAL 9 hours ago | dev.to
access amazon amazon web services authentication +37
Laravel's most underrated security feature - What actually is a signed URL, and how do … 12 hours ago | dev.to
application blog box cross site scripting +15

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior Application Security Engineer

@ Austin Community College | HMO99: Field Office - MO Remote Location, Remote City, MO, 65043 USA
View on infosec-jobs.com

Sr. Information Assurance Security Analyst

@ SMS Data Products Group, Inc. | San Antonio, TX, United States
View on infosec-jobs.com

Product Cybersecurity Test Infrastructure Engineer (Remote)

@ SNC-Lavalin | HCT99: Field Office - CT Remote Location, Remote City, CT, 06101 USA
View on infosec-jobs.com