XSS-Angriffe wollen deinem Code nichts Böses
In den Beitrag Threat Modeling, quick recommendations findet sich diese erwähnenswerte Passage: However if we look at a vulnerability like XSS, it isn’t a threat to your own code, it is a threat to external entities (in this case, client...