The cross-site scripting vulnerability has not been fixed in the comment function.

You may be trying to filter certain keywords such as removing the word script. This is not how you should try to fix a XSS vulnerability. Please review the Defense section of the lesson and try again.

You may be trying to filter or user regular expressions such as accounting for a specific element. We want to account for all elements. Please review the Defense section of the lesson and try again.