ZAP – User Controllable HTML Element Attribute (Potential XSS)

Details
Alert Id	10031
Alert Type	Passive
Status	release
Risk
CWE
WASC
Technologies Targeted	All
Tags	OWASP_2017_A01 OWASP_2021_A03

Summary

This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.

Solution

Validate all input and sanitize output it before writing to any HTML attributes.

Other Info

References

http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-html-attribute

Code

org/zaproxy/zap/extension/pscanrules/UserControlledHTMLAttributesScanRule.java