All inputs via our API that is interpreted as malicious attempts to execute code and/or perform cross site scripting (XSS) is removed from the request. This action is done to prevent Upodi and/or any software using the Upodi API from being compromised.
Code elements including HTML scripting and XML are examples of data we remove.
Read more here:
https://www.owasp.org/index.php/Cross-siteScripting(XSS)
https://en.wikipedia.org/wiki/Cross-site_scripting