Fixing Insecure Cryptographic Storage in ASP.NET
Note: This post is part of our series on “How to Fix Insecure Cryptographic Storage“. The series contains examples on
Continue Reading
Fixing Cross-site Scripting in ASP.NET
The HtmlEncode() method can be used when displaying text directly inside HTML tags using block: <% = Microsoft.Security.Application.AntiXss.HtmlEncode(this.txtName.Text) %>
Continue Reading
Fixing Insecure Cryptographic Storage in Java
Note: This post is part of our series on “How to Fix Insecure Cryptographic Storage“. The series contains examples on
Continue Reading
How to Fix Insecure Cryptographic Storage
Hashing is the first step towards secure cryptographic storage of data before passing it to the database. It is advisable
Continue Reading
How to Fix Cross-site Request Forgery Vulnerability(CSRF)
Cross-Site Request Forgery (CSRF) is an attack that allows a hacker to perform an action on the vulnerable site on
Continue Reading
How to Fix Insecure Direct Object Reference Vulnerability
Many times application references an object (files) to generate web pages. A simple example is when a user requests his
Continue Reading
Fixing SQL Injection in Hibernate
Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities“. The series contains examples on
Continue Reading
Fixing Cross-site Scripting in Spring MVC
In Spring-MVC, form-tags are used to create jsp page. Spring MVC provides multiple options to encode the html-escape-sequences on server
Continue Reading
Fixing Cross-site Scripting in Java
Use when the parameter is being echoed: <%@ taglib uri=”http://java.sun.com/jsp/jstl/core” prefix=”c” %> <p>Welcome <c:out value=”${user.name}” /></p> Use while taking the
Continue Reading
How to Fix Cross-site Scripting Vulnerabilities
Websites often accept user input for the application to display on the screen. If the application is not careful enough
Continue Reading
