HTML injection

Avatar

Avatar

ariesyinn

Avatar

ariesyinn

ariesyinn

28-02-2021

Hi ,

May I know how to prevent injecting HTML? I am using AEM 6.2.

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Ravi_Pampana

MVP

Avatar

Ravi_Pampana

MVP

Ravi_Pampana
MVP

01-03-2021

Hi,

 

Usually html injection can happen by either url or user input data. We need to check for the html tags and encode them to make sure they are consider as string instead of html tags.

 

Take a look at below link for additional details

 

https://www.softwaretestinghelp.com/html-injection-tutorial/

Answers (1)

Answers (1)

Avatar

Avatar

jbrar

Employee

Avatar

jbrar

Employee

jbrar
Employee

01-03-2021

Apply the latest hotfix and use the Adobe recommended security configs: https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-checkl...

 

Lastly, AEM 6.2 has been out of support for a long time and the best option will be to move to 6.5 Or AEM Cloud.