LAB 208 – Defending C# Applications Against XPath Injection

Course Overview


XPath injection vulnerabilities occur when an application concatenates untrusted input into XPath expressions. The exact impact of XPath Injection depends on the purpose of the XPath expression in the application, but usually, the impact is either information disclosure or authentication bypass. This Defending C# Applications Against XPath Injection Skill Lab uses an interactive simulation to train developers to identify and mitigate XPath Injection vulnerabilities before they negatively impact your organization.

After completing this lab, the learner will understand how to defend C# applications against XPath Injection attacks and receive hands-on experience implementing effective mitigation. This includes testing for XPath Injection vulnerabilities and using parameterized access methods instead of concatenating untrusted data into XPath expressions.

Looking To Learn More?

Request more information on our courses and labs.

* required

Course Details

Course Number: LAB 208
Course Duration: 5 minutes
Course CPE Credits: .1

NICE Work Role Category

PlatformStandardTechnologyType

Available Languages

  • English