o [NSE] Added the script http-unsafe-output-escaping that checks if parameter

contents are reflected in responses, aiding in discovering potential XSS vulnerabilities. [Martin Swende]
2026-01-25 07:39:02 +00:00 · 2011-12-15 06:19:20 +00:00
parent 358d005ac9
commit 844929ce64
3 changed files with 162 additions and 0 deletions
--- a/scripts/script.db
+++ b/scripts/script.db
@@ -118,6 +118,7 @@ Entry { filename = "http-robots.txt.nse", categories = { "default", "discovery",
 Entry { filename = "http-robtex-reverse-ip.nse", categories = { "discovery", "external", "safe", } }
 Entry { filename = "http-title.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "http-trace.nse", categories = { "discovery", "safe", "vuln", } }
+Entry { filename = "http-unsafe-output-escaping.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "http-userdir-enum.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "http-vhosts.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "http-vmware-path-vuln.nse", categories = { "safe", "vuln", } }