XmlReaderSettings readerSettings = new XmlReaderSettings();
readerSettings.XmlResolver = null; // Prevent external references
readerSettings.IgnoreProcessingInstructions = true;
// Need to create a StringReader to wrap the string
XmlReader xmlReader =
    XmlReader.Create(new StringReader(serializedXml), readerSettings);
XmlDocument xmlDocument = new XmlDocument();
xmlDocument.Load(xmlReader);
return xmlDocument;
}
Manipulating Application Behavior Through XPath Injection
XPath is a query language that allows developers to select elements matching specified
criteria from an XML document. .Net integrates XPath with the XmlDocument class
through the SelectNodes and SelectSingleNode methods. These methods take an
XPath query and execute it against the XmlDocument's DOM.
XPath Injection in .Net
Popularity: 4
Simplicity: 6
Impact: 6
Risk Rating: 6
A common security flaw arises when developers insert attacker-supplied data into
XPath query statements, thereby changing the final XPath query executed by the
system. In many cases, this leads to information disclosure and perhaps unauthorized
system access. Unfortunately, the .Net Framework does not provide a mechanism for
escaping information before inserting it into XPath statements. Security testing on .Net
should attempt XPath injections against applications, since no prevention features are
built in.
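The following is an added example, not code from the book: the same SelectSingleNode lookup written first with string concatenation and then with the value converted into a proper XPath string literal, since .Net supplies no escaper of its own. The user document, the method names and the input value are all constructed for the demonstration.

```csharp
using System;
using System.Text;
using System.Xml;
using System.Xml.XPath;

class XPathInjectionDemo
{
    // Constructed sample document; a real app would load it from a store.
    const string UsersXml =
        "<users><user name=\"alice\" role=\"admin\"/>" +
        "<user name=\"O'Brien\" role=\"user\"/></users>";

    // Vulnerable: caller data becomes part of the query grammar.
    static XmlNode LookupUserUnsafe(XmlDocument doc, string name)
    {
        return doc.SelectSingleNode("/users/user[@name='" + name + "']");
    }

    // .Net has no XPath escaper, so build a proper string literal:
    // wrap in whichever quote the value lacks, or concat() both kinds.
    static string XPathLiteral(string value)
    {
        if (!value.Contains("'")) return "'" + value + "'";
        if (!value.Contains("\"")) return "\"" + value + "\"";
        var sb = new StringBuilder("concat(");
        string[] parts = value.Split('\'');
        for (int i = 0; i < parts.Length; i++)
        {
            if (i > 0) sb.Append(", \"'\", ");
            sb.Append('\'').Append(parts[i]).Append('\'');
        }
        return sb.Append(')').ToString();
    }

    // Safe: the value can never terminate the literal or add predicates.
    static XmlNode LookupUserSafe(XmlDocument doc, string name)
    {
        return doc.SelectSingleNode("/users/user[@name=" + XPathLiteral(name) + "]");
    }

    static void Main()
    {
        var doc = new XmlDocument();
        doc.LoadXml(UsersXml);
        string input = "O'Brien"; // legitimate input that contains a quote
        try { LookupUserUnsafe(doc, input); }
        catch (XPathException e) { Console.WriteLine("unsafe: " + e.Message); }
        XmlNode hit = LookupUserSafe(doc, input);
        Console.WriteLine("safe: role=" + hit.Attributes["role"].Value);
    }
}
```

The unsafe lookup fails on an ordinary name containing an apostrophe because the quote has changed the query itself, which is exactly the property an attacker relies on; the literal-quoting version keeps the data out of the query grammar regardless of content.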