Injection

XML Injection

  • Solution

    • Encode < as &lt;
    • Specify the type of HTML input: <input type="email"> (front-end validation, which is more efficient)
  • SQL Injection

  • Cross-Site Scripting
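
The encoding fix listed under XML Injection, shown as an added example (not code from the original notes): the same document is built once by plain concatenation and once with the input encoded, then parsed to see which elements result. The document layout, the function names and the sample input are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Constructed sample input: a "name" value that carries markup of its own.
SAMPLE = "alice</name><role>admin</role><name>x"


def build_naive(username):
    # Vulnerable form: the value is concatenated into the document unencoded,
    # so any < in it is read by the parser as the start of a tag.
    return f"<user><name>{username}</name><role>guest</role></user>"


def build_escaped(username):
    # escape() encodes & < > as &amp; &lt; &gt;, so the value can only ever
    # be text content of <name>, never structure.
    return f"<user><name>{escape(username)}</name><role>guest</role></user>"


def roles(xml_text):
    # Every <role> element the parser sees, in document order.
    return [el.text for el in ET.fromstring(xml_text).iter("role")]


def name_text(xml_text):
    # Text content of the first <name> element, after entity decoding.
    return ET.fromstring(xml_text).find("name").text


if __name__ == "__main__":
    print("naive  :", roles(build_naive(SAMPLE)))
    print("escaped:", roles(build_escaped(SAMPLE)))
    print("name   :", name_text(build_escaped(SAMPLE)))
```

With the encoded form the parser returns the input unchanged as the text of name, so no data is lost by encoding.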