.NET Programming
--
Questions
--
Followers
Top Experts
How to best deal with a cross site scripting threat
I have security audit scan that is flagging line 4 below
"The method DisplayCustomMessage() in clientSummary.cs sends unvalidated data to a web browser on line 4 which can result in the browser executing malicious code."
This appears to be a cross site scripting vulnerability. So how can I correct this code?
1. Â private void DisplayCustomMessage(strin
2. Â {
3. Â Â Â lblMsg.CssClass = "pling";
4. Â Â Â lblMsg.Text = msg
5. Â Â Â lblMsg.Visible = true
6.
7.}
"The method DisplayCustomMessage() in clientSummary.cs sends unvalidated data to a web browser on line 4 which can result in the browser executing malicious code."
This appears to be a cross site scripting vulnerability. So how can I correct this code?
1. Â private void DisplayCustomMessage(strin
2. Â {
3. Â Â Â lblMsg.CssClass = "pling";
4. Â Â Â lblMsg.Text = msg
5. Â Â Â lblMsg.Visible = true
6.
7.}
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
ASKER CERTIFIED SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Thank you.
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
.NET Programming
--
Questions
--
Followers
Top Experts
The .NET Framework is not specific to any one programming language; rather, it includes a library of functions that allows developers to rapidly build applications. Several supported languages include C#, VB.NET, C++ or ASP.NET.