1
Hi, Thank you very much for your answer, but you have written cross site scripting for XST but I think it is not correct, What do you think?
-1 XST: Cross Site Scripting
A network security vulnerability exploiting the HTTP TRACE method.
TRACE allows the client to see what is being received at the other end of the request chain and use that data for testing or diagnostic information.", the TRACK method works in the same way but is specific to Microsoft's IIS web server. XST could be used as a method to steal user's cookies via Cross-site Scripting (XSS) even if the cookie has the
"HttpOnly" flag set and/or exposes the user's Authorization header.
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
XSS: Cross Site Scripting
It is a type of security vulnerability whick works in Web applications. XSS attacks the web applications by injecting scripts.
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
You can prevent XSS with following links:
http://www.codeguru.com/csharp/.net/net_asp/preventing-cross-site-scripting-attacks-in-asp.net-mvc-4.htm
http://www.dotnet-programming.com/post/2015/04/12/How-to-Handle-Cross-Site-Scripting-in-ASPNET-MVC-Application.aspx