I have a XSS vulnerability in my search field, when I put the tipical alert(’xss’) the window appears. I have used vega and OWASP ZAP in order to know where is my fault and I have detected, it is in the underlined code but I dont know how to sanitize, could you help me? Here is my code:
<?php
require_once("../include/pictures.php");
require_once("../include/comments.php");
require_once("../include/cart.php");
require_once("../include/html_functions.php");
require_once("../include/functions.php");
session_start();
if (!isset($_GET['query']))
{
http_redirect("/error.php?msg=Error, need to provide a query to search");
}
$pictures = Pictures::get_all_pictures_by_tag($_GET['query']);
?>
<?php our_header("", $_GET['query']); ?>
<div class="column prepend-1 span-24 first last">
<h2>Pictures that are tagged as '<?= $_GET['query'] ?>'</h2>
<?php thumbnail_pic_list($pictures); ?>
</div>
<?php our_footer(); ?>
I cant underlined, the code which is necessary sanitize is:
'<?= $_GET['query'] ?>'
question from:
https://stackoverflow.com/questions/65644790/search-field-with-xss-vulnerability 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
