Why it matters
XSS via LLM is web UI risk. Understanding shapes rendering safety.
Advertisement
The architecture
Attacker injects payload.
LLM emits HTML/JS.
Client renders + executes.
Advertisement
How it works end to end
Sanitize output HTML (DOMPurify).
Content Security Policy.
Render markdown safely.
Never trust LLM raw.