We have frequently come across cross-site scripting vulnerability (
more about XSS
) in input fields where HTML special characters are not sanitized. However, these days most developers are aware of this vulnerability and diligently filter user-supplied inputs in forms and URLs.
Cross site scripting