Treasure Hunt: Which of the following two code sets contains a vulnerability? Whisper your answer to the Twitch Chat Bot for a chance to win Apple AirPods from Contrast Security!
Don’t forget to scroll below to enter another chance to win Apple AirPods from Contrast Security!
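// Namespaces used by both code sets
using System.IO;
using System.Linq;
using System.Xml;
using System.Xml.Linq;
using System.Xml.XPath;
using Microsoft.AspNetCore.Mvc;

// Code set 1
[HttpGet]
public IActionResult UploadAccountData(string xml)
{
    // Reader settings: DTD processing is enabled and external references
    // are resolved through XmlUrlResolver
    var settings = new XmlReaderSettings
    {
        DtdProcessing = DtdProcessing.Parse,
        XmlResolver = new XmlUrlResolver()
    };
    using (var stringReader = new StringReader(xml))
    using (XmlReader reader = XmlReader.Create(stringReader, settings))
    {
        var doc = XDocument.Load(reader);
        // Select the child elements of <accounts> whose balance attribute is not "0"
        var accountsWithBalances = doc.XPathSelectElements("organization/accounts/*")
            .Where(n => n.Attribute("balance")?.Value != "0");
        AddToProcessingQueue(accountsWithBalances);
    }
    return Ok();
}

// Code set 2
public IActionResult UploadAccountData(string xml)
{
    // Reader settings: framework defaults
    var settings = new XmlReaderSettings();
    using (var stringReader = new StringReader(xml))
    using (XmlReader reader = XmlReader.Create(stringReader, settings))
    {
        var doc = XDocument.Load(reader);
        // Select the child elements of <accounts> whose balance attribute is not "0"
        var accountsWithBalances = doc.XPathSelectElements("organization/accounts/*")
            .Where(n => n.Attribute("balance")?.Value != "0");
        AddToProcessingQueue(accountsWithBalances);
    }
    return Ok();
}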
Are you tired of spending time on vulnerabilities like the one above? Welcome to the era of self-protecting software with Contrast Security. We are the only company that has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production.
Our goal is to break the cycle of ‘vulnerable software’, and for application security to be accessible to all. That’s why we’ve released Contrast Security Community Edition in Java and .NET Core, as a completely free, full-strength, DevSecOps solution that allows development, security and operations teams to deliver secure software on time to meet growing business requirements. Learn more about our new .NET Core Community Edition by filling out the form below.
Secure software against the most common security flaws.
1. Sign up for a Free account
2. Add the Contrast agent to your app
3. Secure your software!
Fill out the form to enter our raffle and register now to get Zero-day attack protection and OWASP Top 10 Coverage in a platform that integrates with IDEs, CI/CD tools and more!
Looking for more information? Explore our Contrast Community Edition page to learn more.
For individuals wanting to try out Contrast
For businesses ready to deploy Contrast at scale