# Cross-Site Scripting (XSS) via Response

- ID: javascript-xss
- Severity: HIGH
- CWE: Cross-Site Scripting (XSS) (CWE-79)
- Languages: JavaScript, TypeScript
- Frameworks: nodejs, express, fastify, koa, hapi, nestjs, lambda, serverless, graphql

## Description

Detects untrusted user input flowing into an HTTP response without context-appropriate output encoding or sanitization. Because the browser parses the response as HTML, any markup or script the attacker places in that input executes in the victim's origin.

## Detection Message

Untrusted input from {source} flows directly into HTTP response at {sink}. This allows an attacker to inject malicious scripts (XSS attack).

## Remediation

Prefer a template engine with auto-escaping, so that every interpolated value is HTML-encoded by default and the safe path is the one that needs no extra code. Sanitize, rather than escape, only where the application must let users supply a subset of HTML (comments, rich-text fields), and use an allow-list sanitizer such as sanitize-html for that. Note that sanitized output is only safe inside an HTML element body; values placed into attributes, URLs, CSS or inline script need encoding for that specific context instead.

```javascript
const sanitizeHtml = require('sanitize-html');

// Allow-list sanitization: only sanitize-html's default safe tags and attributes survive.
const clean = sanitizeHtml(userInput);
// The sanitized fragment is placed in an element body, the context it is safe for.
res.send(`<div>${clean}</div>`);
```