lang:

ASP.Net

regex:

\.(Append|WriteLine)\([^\)]*?HttpContext\.Current\.Request\.(Url|Form|QueryString)

description:

User controlled input direct to output, possible cross-site scripting.
tags:
xss cross-site scripting cwe-79
results