BradG

Checkmarx reports potential XSS issues

Recommended Posts

We use Checkmarx Static Code Analysis to identify code vulnerabilities.  In fusioncharts.js 3.12.2, Checkmarx reports 3 potential XSS issues when setting innerHTML to a text property:

line 310 (first occurrence): FusionXSS1.PNG.46068b27970934769aab275c5daec011.PNG

line 310 (second occurrence): FusionXSS2.PNG.d51c19b2a68ecae4228dea1a77754f99.PNG

line 316: FusionXSS3.PNG.a7611efea4cc925c7c10208c23b5f78c.PNG

Can you either fix these vulnerabilities or assure us that they cannot be used to enable a cross site scripting attack?

Edited by BradG

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now