Hello,
In my current project we are facing some issues regarding XSS using the Editor in MVC. We already use the AntiXss library to "clean" the html posted to the server but we are facing the following difficulty.
In the editor "Insert Hyperlink" functionality, we have been warned that a possible script can be run by inserting malicious content to the Tooltip field.
For example look at "Hyperlink xss example.png".
I have already reviewed the documentation Telerik provides regarding this XSS but didn't find anything related to this particular issue.
Is there a way to remove the Tooltip field from the Insert Hyperlink form? (Using MVC, not Jquery). Or any other possible solution for this problem.
Thanks