function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
ShaTShaT 

The CheckMarx security scanner gives error on Stored XSS vulnerability

I have a javaScript method in my visualforce page, which is adding a css when page loads.
Code adds the css to radio buttons to look similar to Lightning radio buttons. Its giving XSS erorr when submitted for CheckMarx security.
var Row = document.getElementsByClassName("convertToLSD"); 
for (var k = 0; k < Row.length; k++) { 
var colTds = Row[k].getElementsByTagName("td"); 
for (var i = 0; i < colTds.length; i++) { 
var inrHtml = colTds[i].innerHTML; var chkId = inrHtml.substring(inrHtml.indexOf("id=") + 4, inrHtml.indexOf("\"", inrHtml.indexOf("id=") + 4)); 
var chkBx = inrHtml.substring(inrHtml.indexOf("<input"), inrHtml.indexOf(">") + 1); var chkLable = colTds[i].getElementsByTagName("label")[0].textContent; var typeOfInput = colTds[i].getElementsByTagName("input")[0].getAttribute("type"); var newChkBox = '<label class="slds-' + typeOfInput + '" for="' + chkId + '">' + chkBx + '<span class="slds-' + typeOfInput + '--faux"></span>' + '<span class="slds-form-element__label">' + chkLable + '</span>' + '</label>'; 
colTds[i].innerHTML = newChkBox; } }

I tried in my apex code with select options
options.add(new selectOption(u.Id,u.Name.escapehtml4()));

How can i remove the vulnerability from my javascript so code is passed by CheckMarx.