Hi guys,
I am working on issues reported by Rapid7.
The following error is reported by Rapid7:
ctl00_ctl00_BaseContent_ContentPlaceHolder1_rgdDispatches_ClientState=%27%3E%3Cscript%3Ealert(4272772)%3C%2Fscript%3E
Actually, the attack is injecting a <script>alert("4272772")</script> tag inside the ClientState.
Is there any way to prevent this attack on almost all Telerik Ajax controls, especially telerik:radgrid and telerik:RadComboBox, in SERVER-SIDE code?
Is there any way to use encryption, or some way to validate and fix the client state of a control on the server side?