SBD-ALERT-2—Eliminating Cross-Site Scripting Vulnerabilities
Control Description
CISA Secure by Design Alert (September 18, 2024): Technology manufacturers should eliminate cross-site scripting (XSS) vulnerabilities (CWE-79) from their web-based products through the use of safe-by-default templating frameworks, output encoding, Content Security Policy (CSP), and other architectural approaches that prevent XSS at the framework level rather than relying on individual developer vigilance.
Related Controls