5.2.8 The application sanitizes, disables, or sandboxes user-supplied scriptable or expression template language content

Verify that the application sanitizes, disables, or sandboxes user-supplied scriptable or expression template language content, such as Markdown, CSS or XSL stylesheets, BBCode, or similar.

Level 1 X
Level 2 X
Level 3 X
CWE 94
NIST
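
One way to meet this requirement for BBCode, shown as an added example that is not part of the original requirement text: escape all input as text first, then re-introduce only an allowlist of tags and http(s) links. The function names, the tag allowlist and the `rel` attribute values are assumptions chosen for illustration.

```python
import html
import re
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}                   # assumption: links may only be web URLs
SIMPLE_TAGS = {"b": "strong", "i": "em", "u": "u"}    # assumption: BBCode tag -> HTML element
URL_TAG = re.compile(r"\[url=([^\]\s]+)\](.*?)\[/url\]", re.I | re.S)


def safe_href(escaped_url):
    """Return the URL if it is an absolute http(s) link, otherwise None."""
    url = html.unescape(escaped_url)
    if any(ord(c) < 0x21 or ord(c) == 0x7F for c in url):
        return None                                   # control characters or spaces
    try:
        parts = urlsplit(url)
    except ValueError:                                # e.g. malformed IPv6 literal
        return None
    if parts.scheme.lower() not in ALLOWED_SCHEMES or not parts.netloc:
        return None
    return url


def render_bbcode(text):
    """Render untrusted BBCode to HTML using only the allowlisted tags."""
    # 1. Neutralise everything: after this, the input holds no live markup.
    out = html.escape(text, quote=True)
    # 2. Re-introduce fixed, attribute-free elements for the allowlisted tags.
    for bb, element in SIMPLE_TAGS.items():
        out = re.sub(rf"\[{bb}\](.*?)\[/{bb}\]", rf"<{element}>\1</{element}>",
                     out, flags=re.I | re.S)

    # 3. Links: validate the scheme, then re-escape the value for the attribute.
    def link(match):
        href = safe_href(match.group(1))
        if href is None:
            return match.group(2)                     # drop the link, keep its label
        return (f'<a href="{html.escape(href, quote=True)}" '
                f'rel="nofollow noopener">{match.group(2)}</a>')

    return URL_TAG.sub(link, out)


if __name__ == "__main__":
    # Constructed sample input, not taken from a real application.
    sample = "[b]Release notes[/b] <img src=x> [url=https://example.com/?a=1&b=2]docs[/url]"
    print(render_bbcode(sample))
```

The order matters: escaping before tag conversion means the only HTML in the output is what the renderer itself emitted, so anything outside the allowlist stays inert text.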