Back to Catalog
Owasp Llm
top10_2025
LLM05 - Improper Output Handling
Insufficient validation of LLM output leading to XSS, RCE, or other vulnerabilities.
Intent & Description
'
🎯 Intent
Ensure all LLM-generated output is properly validated and sanitized before use in downstream systems.
📋 Context
LLM outputs are often passed directly to other components, browsers, or APIs without validation. This can lead to XSS, SSRF, privilege escalation, or remote code execution.
💡 Solution
Treat LLM output as untrusted. Apply output encoding appropriate to the context. Validate outputs against expected formats. Implement content security policies. Sandbox code execution environments.'
Real-world Use Case
Use whenever LLM outputs are rendered in web pages, executed as code, or passed to other systems.
📌 TL;DR
Treat LLM output as untrusted. Validate, encode, and sanitize all generated content before downstream use.
Advantages
- Prevents XSS and injection attacks
- Blocks code execution exploits
- Ensures output safety
- Protects downstream systems
Disadvantages
- May alter intended output formatting
- Context-dependent sanitization is complex
- Overly aggressive filtering reduces utility