About 3 years ago, someone in the UK founded a company and gave it the name “><SCRIPT SRC=HTTPS://MJT.XSS.HT> LTD 😳
He said he thought it would be a playful name for his consulting business. 😜
That name with a quotation mark and chevron would cause issues in any site that didn't properly escape the HTML code. The site would load and execute a script from the XSS Hunter, another site that helps developers expose cross-site scripting (XSS) vulnerabilities by displaying an alert that served as proof of vulnerability.
There was another person who registered ; DROP TABLE "Companies";-- Ltd
which would likely be a problem on some databases if not escaped properly.
Now let's say you have a query in Salesforce looking like this:
List<User> userList =
Database.query(
'SELECT Id FROM User WHERE UserName = \'' + userInput + '\''
);
If you didn't escape that userInput string, someone could maliciously enter
\' OR CreatedDate != null OR Name = \' (single quotes included) to make that query return all users.
The following Trailhead teaches some methods to deal with that threat:
🔗 https://lnkd.in/gjEgrUDY
