Suresh Kharod

Reputation: 51

How to implement a reflected XSS fix in a WebForms .NET 2.0 application

I have started working on a WebForms application built in .NET 2.0 using VS 2005. I am kind of new to web applications.

When I click on a menu item, which is an `<li/>` tag, capture the request in Burp and change the URL to "obgv0%22%3e%3cscript%3ealert('XSS HACKED')%3c%2fscript%3et48bw"

Here I am getting a pop-up, "XSS HACKED", and it indicates that it is vulnerable.

I tried to find the exact solution to this problem on the net, but have been unlucky so far.

So please help me in solving it.

I tried to replicate the scenario in VS 2015 by creating an empty web application, but it seems Microsoft put in a permanent fix for this. If someone can guide me on the way Microsoft implemented it and help me in understanding it, that will be great.

Damaged URL: "obgv0%22%3e%3cscript%3ealert('XSS HACKED')%3c%2fscript%3et48bw"
  1. Need help in solving the problem in the .NET 2.0 application
  2. Need support in understanding the way Microsoft implemented the fix for newer versions of .NET

Upvotes: 0

Views: 36

Answers (1)

Suresh Kharod

Reputation: 51

We have removed the cookies from the page and implemented server-side validation to solve the vulnerability.

This is not a suggested solution for all XSS issues. The solution is vulnerability-specific.

Upvotes: 0
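
One way to do the server-side validation the answer mentions, together with output encoding, in C# 2.0 syntax; this is an added example, not code from the question or the answer. The class name, file location, allowlist and the assumption that the URL value is echoed into an HTML attribute are all hypothetical.

```csharp
// Added example. Class and file names are hypothetical (App_Code/ReflectedInputGuard.cs).
using System;
using System.Text.RegularExpressions;
using System.Web;

public class ReflectedInputGuard : IHttpModule
{
    // Assumed allowlist for the decoded path and for query-string keys and
    // values: letters, digits and a few URL-safe characters. Tune per application.
    private static readonly Regex Allowed =
        new Regex(@"\A[A-Za-z0-9_\-./~ ]*\z", RegexOptions.Compiled);

    public void Init(HttpApplication app)
    {
        app.BeginRequest += new EventHandler(OnBeginRequest);
    }

    public void Dispose() { }

    public static bool IsSafe(string value)
    {
        return value == null || Allowed.IsMatch(value);
    }

    private static void OnBeginRequest(object sender, EventArgs e)
    {
        HttpApplication app = (HttpApplication)sender;
        HttpRequest request = app.Request;

        bool ok = IsSafe(request.Path);
        foreach (string key in request.QueryString.AllKeys)
        {
            ok = ok && IsSafe(key) && IsSafe(request.QueryString[key]);
        }
        if (!ok)
        {
            // Reject before any page code can echo the value back.
            app.Response.StatusCode = 400;
            app.CompleteRequest();
        }
    }

    // Validation alone is not the fix: encode wherever the value is written out.
    // The test string on this page opens with "> to close an attribute, so
    // attribute encoding is shown; keep the attribute in double quotes.
    public static string ForAttribute(string value)
    {
        return HttpUtility.HtmlAttributeEncode(value);
    }
}
```

The module is registered under `<system.web><httpModules>` in web.config with `<add name="ReflectedInputGuard" type="ReflectedInputGuard"/>`. ASP.NET 4.0 and later apply a comparable check of their own: request validation there also covers the URL path, and the rejected characters are listed in the `requestPathInvalidCharacters` attribute of `httpRuntime`.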
