13-15 March 2020

City, University London

Lets check your Drupal8 site is secure from XSS attack or not?


Drupal knowledge is must

Session details

Cross-Site Scripting (XSS) is the most basic security vulnerability surviving in web applications at massive. It has been predicted that nearly 65% of websites are unprotected to an XSS attack in some mode, a statistic which should frighten you as much as it does me. The Drupal community puts a set of awareness of security. Drupal’s security team is the central body that is patronizing with security concerns and observations.

The purpose of this session to share knowledge on XSS, how it impacts on D7 & D8 websites, how to prevent it ^ 

Key takeaways
a) How Cross-site scripting works?
b) How do attackers use of cross-site scripting?
c) How XSS impacts on the website workflow
d) Variations of XSS
e) How Reflected XSS works on D7 & D8 websites?
f)  How Stored XSS works on D7 & D8 websites?
g) How to prevent XSS attack


Target Audience

  • This session is for QA/Test Engineers who want to learn more about Drupal security testing.
  • Backend developers who want to know more about Drupal security, How XSS impacts, prevention steps, how XSS attack to the website.
  • Project Managers and Technical Leads who want to know about what it is, how it is done and how to introduce automated checks in the development process
Session Track





Acquia - Experience digital freedom
Agiledrop - Trusted Drupal teammates

Weekend Keynote Speakers

Kevin Bridges


Michel van Velde

One Shoe, CEO

Nick Veenhof

Dropsolid, CTO

CxO Keynote Speakers

Kevin Bridges


Michel van Velde

One Shoe, CEO

Greg Harvey

Code Enigma, Director

Rachel Lawson

Drupal Association, Community Liaison

Carrie Lacina

Drupal Association, Fund Development Director

Jeffrey A. “jam” McGuire

Open Strategy Partners, Partner

Tracy Evans

Open Strategy Partners, Partner

Join the Drupal Association

The Drupal Association unites a global open source community to build and promote Drupal.

The Association is a not-for-profit organization that relies on individuals and businesses to fund everything they do for Drupal — from drupal.org to DrupalCon and community programs.

Connect with us and support our mission-driven work.

Support the Drupal Association

Hosting provided by