XSS
<script> alert(1)</script>
Rooted0x01
<script> alert(1)</script><img src='#' onerror=alert(1) />video xss vulnerability :) if you fill in a search field for example, and that variable is used
on the page somewhere, you could type in "bullshit."
"bullstit" appears in the markup. If the idiot that wrote the code doesn't
filter, limit, or otherwise sanitize that value. You could have a problem...
Dr. Evil could just type in some script ij the search field right?
<p>Your search for 'flowers <script>evil_script()</script>'video xss :)You're already on Google.//Here is the variable with which you assign a new value to the attribute
string newValue = string.Empty;
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.Load(xmlFile);
XmlNode node = xmlDoc.SelectSingleNode("Root/Node/Element");
node.Attributes[0].Value = newValue;
xmlDoc.Save(xmlFile);