CX Client_DOM_XSS @ root/advanced.jsp [refs/heads/master]

**Client_DOM_XSS** issue exists @ **root/advanced.jsp** in branch **refs/heads/master**

*The application's Search&lt;/a&gt; embeds untrusted data in the generated output with location, at line 48 of root\advanced.jsp. This untrusted data is embedded straight into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the output.*

Severity: High

CWE:79

[Vulnerability details and guidance](https://cwe.mitre.org/data/definitions/79.html)

[Checkmarx](https://software-ag.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000041&projectid=12&pathid=1)

[Training](null)
[Recommended Fix](https://software-ag.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=2415&queryVersionCode=77131994&queryTitle=Client_DOM_XSS)

Lines: 48 

---
[Code (Line #48):](null#L48)
```
    <a href="javascript:window.location=window.location.href">New Search</a>
```
---


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CX Client_DOM_XSS @ root/advanced.jsp [refs/heads/master] #31

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

CX Client_DOM_XSS @ root/advanced.jsp [refs/heads/master] #31

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions