kovacs lorand

Reputation: 905

Why this file read got flagged as Cross Site Scripting?

Corporate run all of our source code through a vulnerability scanning software, and the following line got flagged as Cross Site Scripting:

divFooter.InnerHtml = Utilities.Utils.ReadFromTextFile(System.IO.Path.Combine(Folders.Templates, Constants.Files.Templates.FooterEN));

Where Constants.Files.Templates.FooterEN is a const string and Folders.Templates is calculated by: Path.Combine(System.Web.HttpContext.Current.Request.PhysicalApplicationPath, "Templates").

Why is reading a template file XSS? They are in the same folder as the html files, so they are not less secure.

Upvotes: 0

Views: 384

Answers (1)

Mihail

Reputation: 823

It might be a false positive. The tool probably flags every assignment to InnerHtml that comes from sensitive sinks, in this case ReadFromTextFile.

In your particular case it may not be a real vulnerability; now imagine that the text file was submitted somewhere by the user. That would result in a real XSS vulnerability.

The tool analyzes the code statically, so it does not know whether the result of Path.Combine(System.Web.HttpContext.Current.Request.PhysicalApplicationPath, "Templates") is secure or not.

Upvotes: 1
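The answer's distinction, a trusted static template versus user-originated text landing in InnerHtml, written out as added example code (not from the question or the answer). It assumes a hypothetical template root and a {{name}} placeholder in the footer template.

```csharp
using System;
using System.IO;
using System.Web;            // HttpUtility.HtmlEncode (System.Web.dll)

// InnerHtml renders its value as raw HTML, so what matters to the scanner is
// whether the string is trusted markup (a template deployed with the app)
// or untrusted data (anything a user could have written).
public static class FooterRenderer
{
    // Hypothetical template root; in the question this is
    // Path.Combine(Request.PhysicalApplicationPath, "Templates").
    public static string TemplatesRoot = @"C:\inetpub\app\Templates";

    // Trusted path: the template ships with the application and is written by
    // developers, so its markup may be emitted as-is. The full-path check
    // rejects any name that escapes the templates directory (../ or absolute).
    public static string LoadTrustedTemplate(string fileName)
    {
        string root = Path.GetFullPath(TemplatesRoot)
                          .TrimEnd(Path.DirectorySeparatorChar) + Path.DirectorySeparatorChar;
        string full = Path.GetFullPath(Path.Combine(root, fileName));
        if (!full.StartsWith(root, StringComparison.OrdinalIgnoreCase))
            throw new UnauthorizedAccessException("template outside Templates folder");
        return File.ReadAllText(full);
    }

    // Untrusted path: text that originated from a user (uploaded file, form
    // field, database row they can edit) is HTML-encoded before it is placed
    // into a property that renders raw HTML.
    public static string RenderFooter(string trustedTemplate, string userSuppliedName)
    {
        // {{name}} placeholder is an assumption of this example.
        return trustedTemplate.Replace("{{name}}", HttpUtility.HtmlEncode(userSuppliedName));
    }
}

// Illustrative use in the page code-behind (hypothetical file and field names):
//   string tpl = FooterRenderer.LoadTrustedTemplate("footer.en.html");
//   divFooter.InnerHtml = FooterRenderer.RenderFooter(tpl, Request.Form["name"]);
// The first line is the question's pattern; the second is the encoding step a
// static scanner cannot see when the whole string is read straight from a file.
```

A scanner that sees only "file contents flow into InnerHtml" cannot tell the two cases apart, which is why the trusted-template path is typically suppressed with a reviewed finding rather than a code change.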
