Differenze tra le versioni di "Template:XSS alert/doc"
Da GeoGebra Manual.
m (una revisione importata) |
|
(Nessuna differenza)
|
Versione attuale delle 02:34, 17 giu 2011
This is a documentation subpage for Template:XSS alert (see that page for the template itself). It contains usage information, categories, interlanguage links and other content that is not part of the original template page. |
- Description
- Adds an alert box describing a Cross-site scripting vulnerability in including Extension page. Also adds including page to mw:Category:Extensions with XSS vulnerabilities
- If your extension was tagged with this template please read
- Example
{{XSS alert|~~~~}}
- Creates
WARNING: the code or configuration described here poses a major security risk.
Problem: Vulnerable to Cross-site scripting attacks, because it passes user input directly to the browser. This may lead to user accounts being hijacked, among other things. |