CAPEC Related Weakness
Reflected XSS
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
XSS Using MIME Type Mismatch
CWE-20Improper Input Validation
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-646Reliance on File Name or Extension of Externally-Supplied File
DOM-Based XSS
CWE-20Improper Input Validation
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-83Improper Neutralization of Script in Attributes in a Web Page
Stored XSS
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
AJAX Fingerprinting
CWE-20Improper Input Validation
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-86Improper Neutralization of Invalid Characters in Identifiers in Web Pages
CWE-96Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-113Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
CWE-116Improper Encoding or Escaping of Output
CWE-184Incomplete List of Disallowed Inputs
CWE-348Use of Less Trusted Source
CWE-692Incomplete Denylist to Cross-Site Scripting
CWE-712OWASP Top Ten 2007 Category A1 - Cross Site Scripting (XSS)
Cross-Site Scripting (XSS)
CWE-20Improper Input Validation
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Back to Top