HTML injection | Community
2 replies

Ravi_Pampana
Community Advisor
Accepted solution
March 1, 2021

Hi,

Usually HTML injection can happen through either the URL or user input data. We need to check for the HTML tags and encode them to make sure they are considered as strings instead of HTML tags.

Take a look at the link below for additional details:

https://www.softwaretestinghelp.com/html-injection-tutorial/
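
An added example (not part of the original answer, and not Adobe or AEM code) of the encoding step the answer above describes, in plain Java with no AEM dependencies. The class and method names, the page fragment and both sample inputs are constructed for illustration.

```java
import java.net.URLDecoder;

public class HtmlOutputEncoding {

    // Encode the characters that let text break out of an HTML text node
    // or a quoted attribute value, so the browser shows them as a string.
    static String encodeForHtml(String value) {
        if (value == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (char c : value.toCharArray()) {
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Hypothetical page fragment that echoes a search term in two places.
    static String render(String term) {
        return "<p>Results for " + term + "</p>"
             + "<input name=\"q\" value=\"" + term + "\">";
    }

    public static void main(String[] args) throws Exception {
        // Constructed inputs, one per source named in the answer.
        String fromUrl = URLDecoder.decode("%3Ch1%3ENotice%3C%2Fh1%3E", "UTF-8");
        String fromForm = "\"><b>bold</b>";

        for (String input : new String[] {fromUrl, fromForm}) {
            // Before: raw value concatenated into markup, tags are parsed as HTML.
            System.out.println("unencoded: " + render(input));
            // After: encode at output time, once, for the HTML context.
            System.out.println("encoded:   " + render(encodeForHtml(input)));
        }
    }
}
```

This encoding covers HTML text and quoted attribute values only; values written into script blocks, style rules or URL attributes need an encoder for that context.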

Adobe Employee
March 1, 2021

Apply the latest hotfix and use the Adobe recommended security configs: https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-checklist.html?lang=en#security

Lastly, AEM 6.2 has been out of support for a long time, and the best option will be to move to 6.5 or AEM Cloud.

ariesyinn
Author
Level 3
March 2, 2021

Hi jbrar, I understand AEM 6.2 is out of support and we are planning to upgrade. But, as this is a very important security issue, we need to prevent this. May I know how to resolve this?