Question: How to fix specific XSS URL issues in URL via PHP?


I am using Netsparker community edition for checking my app for any general security holes. I'm getting a lot of the following probable XSS issue areas:

my_php_file.php?nsextt=" stYle=x:expre/**/ssion(alert(9)) ns="

Code in my_php_file.php is not accepting any $_GET or $_POST parameters.

So how am I supposed to fix this sort of XSS problem if I'm not even using those $_GET or $_POST parameters?

Also in pages where I do use $_GET params I get this:

my_php_file2.php?id=" stYle=x:expre/**/ssion(alert(9)) ns="

I do filter all incoming params (for example, id from the last snippet):


And after all that, I even run the result of the previous step through preg to allow only digits in that id param.


asked Sep 13, 2013 in Java Interview Questions by rajesh
edited Sep 12, 2013
0 votes
