Description
an attacker can produce a malicious link to execute js if a user clicks the link
Current Result
a browser executes the js embedded in the link
Expected Result
no js executed
Debug Information
- this attack is Reflected cross site scripting (XSS) attacks
- attackers can produce this kind of link and put it into an email or a forum, then trick people to click the link