Can an AJAX Request be hacked?
I am trying to put my arms around all the work that needs to be done on four .NET Applications and have found XSS URL Vulnerabilities in Controller Actions.
I paraphrased in the quote above. Is it true?
What about an AJAX call?
If there were a way to "harden the URL" inside the AJAX call, could a hack hack that URL?