...
| Wiki Markup |
|---|
\[[MITRE 2009|AA. Bibliography#MITRE 09]\] [CWE ID 116|http://cwe.mitre.org/data/definitions/116.html] "Improper Encoding or Escaping of Output" \[[OWASP 2008|AA. Bibliography#OWASP 08]\] [How to add validation logic to HttpServletRequest|http://www.owasp.org/index.php/How_to_add_validation_logic_to_HttpServletRequest], [XSS (Cross Site Scripting) Prevention Cheat Sheet|http://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#Escaping_.28aka_Output_Encoding.29] |
...
IDS03-J. Do not delete Sanitize non-character code points before performing other sanitization 13. Input Validation and Data Sanitization (IDS)