Skip to content

CodeQL query to detect pages with validationRequest disabled #6

Closed
Closed
CodeQL query to detect pages with validationRequest disabled#6
Assignees
s0
Labels
All For OneSubmissions to the All for One, One for All bountyLowBounty entry rated as LowPR mergedCodeQL team just merge the contributionReviewed by the Lab 🧪GH Security Lab has rate the contribution
@cldrn

Description

@cldrn
cldrn
opened on Nov 16, 2019

Report

Request validation is a feature in ASP.NET that protects web applications against potentially malicious content in requests, specifically against cross-site scripting attacks.

This issue is still commonly found in custom ASP.NET applications. Vulnerabilities found in commercial products are normally marked as XSS:

CodeQL query PR: github/codeql#2358

Metadata

Metadata

Assignees

Labels

All For OneSubmissions to the All for One, One for All bountyLowBounty entry rated as LowPR mergedCodeQL team just merge the contributionReviewed by the Lab 🧪GH Security Lab has rate the contribution

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions