I got XSS (cross site scripting issue) for the below in one of my JSP page:-
"Path Fragment input /store/<s>/[*]_<n>/<s> was set to SubCat1ECS"onmouseover=UaTZ(9025)"
The input is reflected inside a tag parameter between double quotes."
What does it mean? what is the fix we need to do for it? whether "onmouseover=UaTZ(9025)" is the issue here? which is in double quotes? please let me know how we can handle it?