I believe I have seen mentioned that Telerik RadControls are made to be 508 compliant which is great, but I was wondering if Telerik has used any type of web site security software testing on their controls? Specifically I am hitting a few issues with the controls using IBM Ration AppScan.
http://www-01.ibm.com/software/rational/offerings/websecurity/webappsecurity.html
The security issues I am getting relate to the telerik.web.ui.webresource.axd file and are as follows:
http://www-01.ibm.com/software/rational/offerings/websecurity/webappsecurity.html
The security issues I am getting relate to the telerik.web.ui.webresource.axd file and are as follows:
- DOM Based Cross-Site Scripting
-
Query Parameter in SSL Request
-
Client-Side (JavaScript) SQL Query Construction
-
Client-Side (JavaScript) Cookie References
Any help you can provide would be much appreciated.