CWEVariantDraft6 recent CVEs

CWE-83Improper Neutralization of Script in Attributes in a Web Page

Description

The product does not neutralize or incorrectly neutralizes "javascript:" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style.

Common consequences

Potential mitigations

Related CWEs

Recent CVEs classified under this CWE