Re: CERT Advisory on malicious scripts

This WebDNA talk-list message is from

2000

It keeps the original formatting. numero = 27028
interpreted = N
texte = >Can someone tell me all the places I would need to convert the < char into nothing to prevent maliciousnous?Only when displaying as HTML on a page.>What about inside textareas that user has access to?Nope. Any time it's displayed inside a form field, it is NOT interpreted by the browser.>How about on an admin only page? - Could the malicious doer input a