AnsweredAssumed Answered

Can anyone tell me something about <![CDATA[]]>]]> XSS ?

Question asked by neufmartial on Apr 2, 2012
Latest reply on Apr 3, 2012 by mitpatoliya
Hi,

Can anyone tell me something about <![CDATA[]]>]]> XSS vulnerability?

please have a look at the following link.

https://www.owasp.org/index.php/Testing_for_XML_Injection_(OWASP-DV-008)

It tells something about CDATA section delimiters: <![CDATA[ / ]]>

Can anyone elaborate that, with examples?

Also is it associated with .xhtml pages? Is it required to handle CDATA "]]>" character for XSS in .html application?

Regards,
Dinesh

Outcomes