Fixing Unvalidated Redirects and Forwards in ASP.NET
Note: This post is part of our series on “How to Fix Unvalidated Redirects and Forwards“. The series contains examples
Continue Reading
Month: May 2012
How to Fix Unvalidated Redirects and Forwards
An unvalidated redirect allows an attacker to exploit the trust a user has in a particular domain by using it
Continue Reading
Fixing Insecure Cryptographic Storage in ASP.NET
Note: This post is part of our series on “How to Fix Insecure Cryptographic Storage“. The series contains examples on
Continue Reading
Fixing Cross-site Scripting in ASP.NET
The HtmlEncode() method can be used when displaying text directly inside HTML tags using block: <% = Microsoft.Security.Application.AntiXss.HtmlEncode(this.txtName.Text) %>
Continue Reading
Fixing Insecure Cryptographic Storage in Java
Note: This post is part of our series on “How to Fix Insecure Cryptographic Storage“. The series contains examples on
Continue Reading
How to Fix Insecure Cryptographic Storage
Hashing is the first step towards secure cryptographic storage of data before passing it to the database. It is advisable
Continue Reading
How to Fix Cross-site Request Forgery Vulnerability(CSRF)
Cross-Site Request Forgery (CSRF) is an attack that allows a hacker to perform an action on the vulnerable site on
Continue Reading
How to Fix Insecure Direct Object Reference Vulnerability
Many times application references an object (files) to generate web pages. A simple example is when a user requests his
Continue Reading
Fixing SQL Injection in Hibernate
Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities“. The series contains examples on
Continue Reading
Fixing Cross-site Scripting in Spring MVC
In Spring-MVC, form-tags are used to create jsp page. Spring MVC provides multiple options to encode the html-escape-sequences on server
Continue Reading
