Section: 5.1.3
Sub Level: General
Trap and detect malicious input (such as stored XSS).
ColdFusion

Use <cfprocparam> and <cfqueryparam> in individual pages. You might also check the "Enable Global Script Protection" box in the CF Administrator.

This setting specifies whether to protect Form, URL, CGI, and Cookie scope variables from cross-site scripting attacks.
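
The following is an added example, not part of the original standard. It shows one ColdFusion page that checks format and length, traps and logs markup in a field that should not contain any, and then stores the values through bound parameters. The page name, the datasource "appDSN", the table "comments", the stored procedure "addComment", the log file name and the field limits are all assumptions made for illustration.

```cfml
<!--- Added example: comment.cfm (hypothetical page). The datasource "appDSN",
      table "comments(author, body)" and procedure "addComment" are assumed
      names, not taken from the standard. --->
<!--- Per-application counterpart of the Administrator checkbox, set in
      Application.cfc:  this.scriptProtect = "all"; --->
<cfparam name="form.author" default="">
<cfparam name="form.body" default="">
<cfset useStoredProc = false> <!--- assumed switch: pick one write path --->

<!--- Check format and length before storage; reject instead of repairing. --->
<cfset errors = []>
<cfif NOT reFind("^[A-Za-z0-9 _.-]{1,50}$", form.author)>
    <cfset arrayAppend(errors, "author: 1-50 letters, digits, space, _ . -")>
</cfif>
<cfif len(form.body) LT 1 OR len(form.body) GT 2000>
    <cfset arrayAppend(errors, "body: 1-2000 characters")>
</cfif>
<!--- Trap markup this field has no reason to contain, and record the event. --->
<cfif reFindNoCase("<\s*/?\s*[a-z!]|javascript:|on[a-z]+\s*=", form.body)>
    <cfset arrayAppend(errors, "body: markup is not allowed")>
    <cflog file="input_audit" type="warning"
           text="Rejected markup in form.body from #cgi.remote_addr#">
</cfif>
<cfif arrayLen(errors)>
    <cfoutput>#encodeForHTML(arrayToList(errors, "; "))#</cfoutput>
    <cfabort>
</cfif>

<!--- Bound parameters: values travel as typed data, never as SQL text. --->
<cfif useStoredProc>
    <cfstoredproc procedure="addComment" datasource="appDSN">
        <cfprocparam type="in" cfsqltype="cf_sql_varchar" value="#form.author#" maxlength="50">
        <cfprocparam type="in" cfsqltype="cf_sql_varchar" value="#form.body#" maxlength="2000">
    </cfstoredproc>
<cfelse>
    <cfquery name="insComment" datasource="appDSN">
        INSERT INTO comments (author, body)
        VALUES (
            <cfqueryparam value="#form.author#" cfsqltype="cf_sql_varchar" maxlength="50">,
            <cfqueryparam value="#form.body#" cfsqltype="cf_sql_varchar" maxlength="2000">
        )
    </cfquery>
</cfif>
```

The maxlength and cfsqltype attributes make the database layer enforce the same limits as the page-level checks, so a value that bypasses the form still fails before it is stored.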

Natural Webagent

This does not apply to webAgent. In Natural, audit against a whitelist of valid values if one exists. Short of that, use detailed conditional masks. If all of these are too restrictive, use TXN$SCRB to audit and/or remove non-allowed characters before storage. Always check format and length where appropriate.