Thanks to visit codestin.com Credit goes to github.com
We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent 78e56d9 commit 41984a8Copy full SHA for 41984a8
1 file changed
csharp/ql/src/Security Features/CWE-091/XMLInjection.qhelp
@@ -24,7 +24,7 @@ document representing a set of names. The <code>WriteRaw</code> API is used to w
24
employee record to the XML file.</p>
25
<sample src="XMLInjectionBad.cs" />
26
<p>However, if a malicious user were to provide the content
27
- <code>Bobby Pages</name></employee><employee><name>Hacker1</code></p>, they
+ <code>Bobby Pages</name></employee><employee><name>Hacker1</code>, they
28
would be able to add an extra entry into the XML file.
29
</p>
30
<p>The corrected version demonstrates two ways to avoid this issue. The first is to escape user
0 commit comments