Skip to main content
Cross-Site Scripting (XSS)

Detect expressions that might be vulnerable to Cross-Site Scripting (XSS) in Apex, Visualforce and Lightning components.

Lorenzo Frattini avatar
Written by Lorenzo Frattini
Updated over a week ago


Cross-site scripting (XSS) attacks cover a broad range of attacks where malicious HTML or client-side scripting is provided to a Web application. The Web application includes malicious scripting in a response to a user of the Web application.

  • Apex classes

  • Lightning components

  • Visualforce pages

  • Visualforce controllers

Did this answer your question?