'Input returned in response (reflected) asp.net vulnerablility

I have a web application running on asp.net webforms on framework 4.0. A third party company performed a security assessment and identified couple of vulnerabilities, one of which says.

  • S.No.3: Input returned in response (reflected)
  • Risk: Medium
  • Description: Reflection of input arises when data is copied from a request and echoed into the application's immediate response.

As POC they have shared below image in which input value is highlighted in yellowenter image description here I searched the internet but i am not able to understand about what to do with this. How can i resolve this vulnerability. What is the solution for this.

asp.net.netvb.netwebforms


Solution 1:[1]

You should use ModelState.Clear(); on serverside so that your input will not get reflected in the response. For additional info about ModelState.Clear() Refer

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Ajay Chauhan

Related Questions

detect events on powerpoint shapes from C#

detect events on powerpoint shapes from C#

What does "Beta: Use Unicode UTF-8 for worldwide language support" actually do?

What does "Beta: Use Unicode UTF-8 for worldwide language support" actually do?

Class not inheriting from object?

Class not inheriting from object?

What is a StickyLabel, and why does it sit in a ContextMenuStrip.Contols collection?

Using a BindingSource, how do I tell if I have changes pending?

Secure cookies flag always getting lost in first session after resetting IIS

Including Pictures in an Outlook Email

automapper map interface to interface or object

Union two list by property

Suggestions for designing complex LINQ code

VS 2022 - cannot change Target Platform to .Net 6.0 for a project created in VS 2019

How to programmatically derive Windows Downloads folder "%USERPROFILE%/Downloads"?