{"id":22541,"date":"2026-05-14T11:14:00","date_gmt":"2026-05-14T02:14:00","guid":{"rendered":"https:\/\/sparrow.im\/kr\/?p=22541"},"modified":"2026-05-14T17:02:15","modified_gmt":"2026-05-14T08:02:15","slug":"xss%ed%81%ac%eb%a1%9c%ec%8a%a4%ec%82%ac%ec%9d%b4%ed%8a%b8-%ec%8a%a4%ed%81%ac%eb%a6%bd%ed%8c%85%eb%9e%80-%ea%b3%b5%ea%b2%a9-%ec%9c%a0%ed%98%95-3%ea%b0%80%ec%a7%80%ec%99%80-%eb%8c%80%ec%9d%91","status":"publish","type":"post","link":"https:\/\/sparrow.im\/kr\/2026\/05\/14\/xss%ED%81%AC%EB%A1%9C%EC%8A%A4%EC%82%AC%EC%9D%B4%ED%8A%B8-%EC%8A%A4%ED%81%AC%EB%A6%BD%ED%8C%85%EB%9E%80-%EA%B3%B5%EA%B2%A9-%EC%9C%A0%ED%98%95-3%EA%B0%80%EC%A7%80%EC%99%80-%EB%8C%80%EC%9D%91\/","title":{"rendered":"XSS(\ud06c\ub85c\uc2a4\uc0ac\uc774\ud2b8 \uc2a4\ud06c\ub9bd\ud305)\ub780? \uacf5\uaca9 \uc720\ud615 3\uac00\uc9c0\uc640 \ub300\uc751 \ubc29\uc548 \uc815\ub9ac"},"content":[63],"excerpt":{"rendered":"<p>XSS(\ud06c\ub85c\uc2a4\uc0ac\uc774\ud2b8 \uc2a4\ud06c\ub9bd\ud305)\uc758 \uac1c\ub150\ubd80\ud130 Reflected, Stored, DOM \uae30\ubc18 XSS \uacf5\uaca9 \uc720\ud615, \uc2e4\uc81c \uacf5\uaca9 \uc2dc\ub098\ub9ac\uc624, HTML \uc778\ucf54\ub529\u00b7CSP \ub4f1 \ub300\uc751 \ubc29\uc548\uae4c\uc9c0 \uc0c1\uc138\ud788 \uc124\uba85\ud569\ub2c8\ub2e4. Sparrow SAST\u00b7DAST\ub85c \uac1c\ubc1c \ub2e8\uacc4\uc640 \uc6b4\uc601 \ud658\uacbd \uc804\ubc18\uc5d0\uc11c XSS \ucde8\uc57d\uc810\uc744 \uc9c0\uc18d\uc801\uc73c\ub85c \uc810\uac80\ud558\uace0 \ub300\uc751\ud558\uc138\uc694. &nbsp; \u25a0 XSS \ucde8\uc57d\uc810\uc774\ub780 \ubb34\uc5c7\uc778\uac00? XSS(Cross-Site Scripting, \ud06c\ub85c\uc2a4\uc0ac\uc774\ud2b8 \uc2a4\ud06c\ub9bd\ud305)\ub294 \uc6f9 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc774 \uc0ac\uc6a9\uc790 \uc785\ub825\uac12\uc744 \uc801\uc808\ud788 \uac80\uc99d\ud558\uac70\ub098 \uc778\ucf54\ub529\ud558\uc9c0 \uc54a\uc744 \ub54c, \uc545\uc131 \uc2a4\ud06c\ub9bd\ud2b8\uac00 \uc0ac\uc6a9\uc790 \ube0c\ub77c\uc6b0\uc800\uc5d0\uc11c \uc2e4\ud589\ub418\ub294 [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":21594,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[1],"tags":[],"topic":[76],"class_list":["post-22541","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","topic-topic-application-security","content-content-secure-article"],"acf":[],"_links":{"self":[{"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/posts\/22541","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/comments?post=22541"}],"version-history":[{"count":13,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/posts\/22541\/revisions"}],"predecessor-version":[{"id":22564,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/posts\/22541\/revisions\/22564"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/media\/21594"}],"wp:attachment":[{"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/media?parent=22541"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/categories?post=22541"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/tags?post=22541"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/topic?post=22541"},{"taxonomy":"content","embeddable":true,"href":"https:\/\/sparrow.im\/kr\/wp-json\/wp\/v2\/content?post=22541"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}