Contao tl_search table indexes vulnerable url in its database
Haii,
We are in a state of misery where there is a vulnerable attempt to our site which is the reason for my.site.com/?dosearch=true&query=">< script >alert(document.cookie)</ script >, this script get indexed in the tl_search url table and also shown in the search results . Can you please help us to solve this vulnerable cases and also some unidentified arguments containing urls laso get indexed in the field url .For example my.site.com/?foo=bar gets also indexed in our search results, which we are not using in any part of the site.Can anyone show us some way to prevent this , so that the arguments we are using in the site should be only used other aarguments should be popped out from the tables of search and any part of the site.