« WASC Threat Classification v2 Project - Call for Participants | Main | Mozilla security chief: Apple should open up »

Real World XSS Vulnerabilities in ASP.NET Code

Microsoft has posted an article on what real world XSS vulnerable code looks like in ASP.NET applications. Handy if you develop asp.net or audit it for issues.

"From couple of weeks we have been seeing some XSS vulnerabilities in asp.net code. Today I wanted to show you guys some real world examples ranging from property assignments, data binding and JavaScript building. For each example, I will offer both the vulnerability and mitigation which is very useful in self reviews. Before I say anything further, I want to caution you by saying that the following code examples must never be used in any application."

Read More: http://blogs.msdn.com/cisg/archive/2008/09/10/real-world-xss-vulnerabilities-in-asp-net-code.aspx

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!


Post a comment







Remember personal info?