commonly-used-taint-config.sink.injection.javax.xss.README.adoc Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of tai-e Show documentation
Show all versions of tai-e Show documentation
An easy-to-learn/use static analysis framework for Java
The newest version!
= Description
- **Overview**:
Java EE provides a set of formatting and output APIs that are used to format data into specific string forms and output these strings to various targets.
- **Common Use Cases**:
These APIs are commonly used for formatting strings, writing text to output streams, and other similar tasks.
- **Security Risks**:
XSS (Cross-Site Scripting) Attacks: If the formatted string or parameters include user input data and are not properly encoded, it may lead to XSS vulnerabilities. For example, if user input contains a `