C Sharp Xmlnode Xpath Injection
Description
Detects potential XML XPath injection vulnerabilities in C# code where untrusted input is used in XML node operations without proper sanitization. This can allow attackers to manipulate XPath queries and potentially access unauthorized XML data.
Detection Strategy
• Check if System.Xml namespace is imported in the code
• Look for calls to XML navigation methods (like SelectNodes, SelectSingleNode) on XMLNode objects
• Verify if the first parameter to these methods contains user-controllable input
• Confirm the input parameter is not properly sanitized or validated
• Report a vulnerability if unsafe data flows into XML query operations
Vulnerable code example
using System.Xml;
public class XPathInjectionExample
{
public string GetUserData(string username, string password)
{
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.Load("users.xml");...✅ Secure code example
using System.Xml;
using System.Xml.XPath;
public class XPathInjectionExample
{
public string GetUserData(string username, string password)
{
XmlDocument xmlDoc = new XmlDocument();...Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.