Escape XML should be enabled
Impact area
Security
Severity
High
Affected element
System property
Rule ID
SN-0187Impact
Input validation has to occur on the application to defend against cross-site scripting attacks which would allow foreign scripts to execute on user session in the logged in browser's context. This can be leveraged by attackers to steal session information and sensitive data.
Remediation
Set the system property " glide.ui.escape_text" to true.
Time to fix
15 min
References
This rule is linked to Common Weakness Enumeration CWE-150 Improper Neutralization of Escape.