HTML injection

Avatar

Avatar
Boost 1
Level 1
ariesyinn
Level 1

Like

1 like

Total Posts

33 posts

Correct reply

0 solutions
Top badges earned
Boost 1
Validate 1
View profile

Avatar
Boost 1
Level 1
ariesyinn
Level 1

Like

1 like

Total Posts

33 posts

Correct reply

0 solutions
Top badges earned
Boost 1
Validate 1
View profile
ariesyinn
Level 1

28-02-2021

Hi ,

May I know how to prevent injecting HTML? I am using AEM 6.2.

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Establish
MVP
Ravi_Pampana
MVP

Likes

197 likes

Total Posts

243 posts

Correct reply

75 solutions
Top badges earned
Establish
Contributor
Shape 1
Ignite 5
Ignite 3
View profile

Avatar
Establish
MVP
Ravi_Pampana
MVP

Likes

197 likes

Total Posts

243 posts

Correct reply

75 solutions
Top badges earned
Establish
Contributor
Shape 1
Ignite 5
Ignite 3
View profile
Ravi_Pampana
MVP

01-03-2021

Hi,

 

Usually html injection can happen by either url or user input data. We need to check for the html tags and encode them to make sure they are consider as string instead of html tags.

 

Take a look at below link for additional details

 

https://www.softwaretestinghelp.com/html-injection-tutorial/

Answers (1)

Answers (1)

Avatar

Avatar
Coach
Employee
jbrar
Employee

Likes

389 likes

Total Posts

869 posts

Correct reply

283 solutions
Top badges earned
Coach
Establish
Give Back 50
Give Back 5
Give Back 3
View profile

Avatar
Coach
Employee
jbrar
Employee

Likes

389 likes

Total Posts

869 posts

Correct reply

283 solutions
Top badges earned
Coach
Establish
Give Back 50
Give Back 5
Give Back 3
View profile
jbrar
Employee

01-03-2021

Apply the latest hotfix and use the Adobe recommended security configs: https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-checkl...

 

Lastly, AEM 6.2 has been out of support for a long time and the best option will be to move to 6.5 Or AEM Cloud.