xss

Prevention of Cross-site scripting (XSS)

I'm wanting to prevent Cross-site scripting (XSS) and am wondering how I can best approach this. (on Bonita version 7.2.4)

For example how to prevent the below script being embedded in the response?

http://localhost:8080/bonita/portal/documentDownload?fileName=alert.jpg&contentStorageId=/<img src=test onerror=alert(1)>

Notifications