We recently scanned all Apex for our org and found multiple security findings with message: URL parameters should be escaped/sanitized XSS. May be tainted: when using variable pageid.  Does anyone know what this means?  Here is a snippit of code where it is referencing 'pageid' in the page reference var.

id pageid=ApexPages.currentPage().getParameters().get('id');
PageReference ref =  new PageReference('/'+pageid);
 

Hi,
It seems like no matter where I put my System.debug statement, I cannot find it in my debug log. I have already set myself up to track debug logs, etc, but for some reason I can only see the debug log at the end of my Apex class.

What reasons would there be for not being able to see the system.debug statements in a debug log? I already have the appropriate setting and can see the debug log, but it does not contain the debug statements I need. Please advise