Examples/Safe_XPathInjection_1.ps1
|
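function Query-XmlSafe {
    <#
    .SYNOPSIS
    Builds an XPath query that selects a user's data by username and password hash, then evaluates it.

    .DESCRIPTION
    Both arguments are embedded in the query as XPath string literals. XPath 1.0 literals
    have no escape sequence, so each value is quoted with whichever quote character it
    does not contain, or split into a concat() call when it contains both. The value can
    therefore never close its own literal and alter the predicate.

    XML entity encoding ([System.Security.SecurityElement]::Escape) is deliberately not
    used: the XPath parser does not decode entities, so a value such as O'Brien would be
    compared as the text O&apos;Brien and never match the stored node.

    .PARAMETER username
    Value compared with username/text(). Treated as untrusted input.

    .PARAMETER passwordHash
    Value compared with passwordHash/text(). Treated as untrusted input.

    .OUTPUTS
    Whatever the navigator's Evaluate method returns for the query.
    #>
    param($username, $passwordHash)

    # Turns an arbitrary string into one XPath 1.0 string expression.
    # The [string] cast maps $null to an empty string, which yields the literal ''.
    $toXPathLiteral = {
        param([string]$value)

        if (-not $value.Contains("'")) { return "'$value'" }
        if (-not $value.Contains('"')) { return "`"$value`"" }

        # Both quote characters are present: wrap the pieces between apostrophes in
        # apostrophes and join them with a double-quoted apostrophe inside concat().
        $pieces = @($value -split "'" | ForEach-Object { "'$_'" })
        return 'concat(' + ($pieces -join ', "''", ') + ')'
    }

    $userLiteral = & $toXPathLiteral $username
    $hashLiteral = & $toXPathLiteral $passwordHash

    $query = "//users/user[username/text()=$userLiteral and passwordHash/text()=$hashLiteral]/data/text()"

    # Stand-in kept from the example: a bare psobject carries no Evaluate method.
    # Presumably a real caller obtains an XPathNavigator for its document here.
    $navigator = New-Object psobject
    $navigator.Evaluate($query)
}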