I have recently upgraded magento from 2.3.5 to 2.4.4 in which I am facing 150001 Reflected Cross-Site Scripting (XSS) Vulnerabilities.
In the given solution they have wrote – Filter all data collected from the client including user-supplied content and browser content such as Referrer and User-Agent headers.
Any data collected from the client and displayed in a Web page should be HTML-encoded to ensure the content is rendered as text instead of an HTML element
or JavaScript.
Any help is appreciated.
Thanks!