+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: xss filter don't filter for <img src="host"/> (/showthread.php?tid=71300)
xss filter don't filter for <img src="host"/> - michaelv - 07-30-2018
hello
we found potentiol issue withh xss filter function,
data like:
<img src="host" />
is not filtered
if 'host' is malicious = > potiental remote attack
regards