Folks,
I am using WebExplorerBar, WebHTMLEditor, WebUpload controls in my application and upon scanning for security. i am getting XSS vulnerability error.
Any ideas?
Hello,
In order to look in to this provide me with the details on software used to test this behavior, and any specific steps to reproduce this behavior if any.
I am just following up to see if you have any further questions with this matter. If you need any assistance with this matter, provide me with the details I asked in my previous update on this forum.
Hi,
I don't think corporate policy allows me to share that information. but i wil surely try to get an information from policy team.
I can create a private support case in order to assist you further with this question. As an additional note, I have come across similar issue and I found client was using Microsoft Code Analysis Tool .NET (CAT.NET) v1 CTP - 32 bit from the link below:
<http://www.microsoft.com/download/en/confirmation.aspx?id=19968>
This tool is in CTP (Community Technology Preview). Please keep in mind that CTP version can have false results also. SQL injections or vulnerabilities are generally an application’s responsibility to account for such scenarios and build binding logic around it to prevent these problems.
I have also logged a feature request that encodes the web request properties to address this behavior with our controls. The feature request number is (PI12040096).
I hope this helps.
I am just following up to see if you have any further questions with this matter.