Hello Team,
I am new to aem and frontend, I have already developed project in which a vulnerability is reported for xss injection in text fields(when inserting script to show alert in text field I am getting that alert). I am trying to implement a solution at global level to stop xss scripts. For this I am overlaying the xss protection folder in apps/cq and modifying the config.xml file. I tried several entries one by one
<attribute name="text">
<regexp-list>
<regexp value = "[a-zA-Z0-9]"/>
</regexp-list>
</attribute>
also I tried modifying the existing entry for input tag
<attribute name="value">
<regexp-list>
<regexp value = "[a-zA-Z0-9]"/>
</regexp-list>
</attribute>
Please let me know how can I stop xss injection in fields.
Thanks for Help
