How to remove catalog product list url with unwanted string and special character for XSS Vulnerability fix, i need to completely remove the special characters if any.
Example : ‘magento url’?attibute_code=%27%22%3E%3Cimg%20%20src=x%20onerror=alert(%27XSSBYTheSanjok%27);%3E
Like “magento url”?color=%27%22%3E%3Cimg%20%20src=x%20onerror=alert(%27XSSBYTheSanjok%27);%3E
Anyone got any ideas?
Thanks.