Avoid processing unescaped URL parameters

Impact area

Manageability

Severity

Medium

Affected element

Apex  Class

Rule ID

SF-0045

Impact

URL parameters can be an attack vector for cross-site and code injection attacks.


Remediation

Make sure that all values obtained from URL parameters are properly escaped / sanitized to avoid XSS attacks.

Time to fix

60 min




Last modified on Dec 23, 2022