Hi, in Google Analytics I found that someone runs that site few times a week:
/videos.php?cat=4<script>alert("XSS Found");</script>&sort=most_recent&time=all_time&seo_cat_name=<script>alert("XSS Found");</script>
It shows window that says “XSS Found”. It only work on https:// and can be run in every website using clipbucket.
Assuming someone checking is my site vulnerable to xss attacks.
Is there a way to prevent that?