V5.2 — Sanitization and Sandboxing
Sanitization and Sandboxing: 8 L3 requirements.
- V5.2.1: Verify that all untrusted HTML input from WYSIWYG editors or similar is properly sanitized with an HTML sanitizer librar...
- V5.2.2: Verify that unstructured data is sanitized to enforce safety measures such as allowed characters and length.
- V5.2.3: Verify that the application sanitizes user input before passing to mail systems to protect against SMTP or IMAP injectio...
- ... and 5 more.
| Property | Value |
|---|---|
| Section | V5.2 |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-HARD-02 | Input Validation and Injection Prevention |
| SID-TRANS-04 | SSRF-Protected HTTP Client |
Source: OWASP Application Security Verification Standard 4.0.3