CWE-87: Improper Neutralization of Alternate XSS Syntax

VariantDraft

The product does not neutralize or incorrectly neutralizes user-controlled input for alternate script syntax.

View on MITRE
Back to CWE Lookup

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-87

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references

CWE-87: Improper Neutralization of Alternate XSS Syntax | CWE Lookup | Inventive HQ