Review code for XML injection vulnerabilities
Description
When working with untrusted input, be mindful of XML injection attacks. An attacker can use XML injection to insert special characters into an XML document, making the document invalid XML. Or, an attacker could maliciously insert XML nodes of their choosing.
This rule attempts to find input from HTTP requests reaching a raw XML write. This rule can't track data across assemblies. For example, if one assembly reads the HTTP request input and then passes it to another assembly that writes raw XML, this rule won't produce a warning. There is a configurable limit to how deep this rule will analyze data flow across method calls. See Analyzer Configuration for how to configure the limit in an EditorConfig file.
Cause
Potentially untrusted HTTP request input reaches raw XML output.
By default, this rule analyzes the entire codebase, but this is configurable.
How to fix violations
To fix a violation, use one of the following techniques:
- Don't write raw XML. Instead, use methods or properties that XML-encode their input.
- XML-encode input before writing raw XML.
- Validate user input by using sanitizers for primitive type conversion and XML encoding.
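The three techniques side by side, as an added example that is not from the analyzer documentation: a raw write that the rule flags, the same element written through an encoding API, and an id that is converted to a primitive type before it is written. The input string is constructed to stand in for an HTTP request value; names such as `ReadUntrustedInput` are assumptions of the example.

```csharp
using System;
using System.Text;
using System.Xml;

public static class XmlInjectionDemo
{
    // Constructed sample standing in for something like Request.Form["comment"];
    // it carries the characters an XML writer must escape plus stray markup.
    static string ReadUntrustedInput() => "x < y & z</comment><flag>1</flag>";

    // Flagged by the rule: the request value is spliced into the output verbatim,
    // so it can close the element early and add nodes of its own.
    public static string WriteUnsafe(string input)
    {
        var sb = new StringBuilder();
        using (var w = XmlWriter.Create(sb))
        {
            w.WriteStartElement("comment");
            w.WriteRaw(input);
            w.WriteEndElement();
        }
        return sb.ToString();
    }

    // Fixed: WriteElementString XML-encodes the value ('<' -> '&lt;', '&' -> '&amp;'),
    // so the input is stored as text and can never become markup.
    public static string WriteSafe(string input)
    {
        var sb = new StringBuilder();
        using (var w = XmlWriter.Create(sb))
            w.WriteElementString("comment", input);
        return sb.ToString();
    }

    // Primitive-type conversion as a sanitizer: only a value that parses as an
    // int reaches the writer, so nothing but digits can be emitted.
    public static string WriteValidatedId(string rawId)
    {
        if (!int.TryParse(rawId, out int id))
            throw new ArgumentException("id must be an integer");
        var sb = new StringBuilder();
        using (var w = XmlWriter.Create(sb))
            w.WriteElementString("id", id.ToString());
        return sb.ToString();
    }

    public static void Main()
    {
        string input = ReadUntrustedInput();
        Console.WriteLine(WriteSafe(input));
        Console.WriteLine(WriteValidatedId("42"));
        // Reparsing the raw output shows the damage instead of silently accepting it.
        try { new XmlDocument().LoadXml(WriteUnsafe(input)); }
        catch (XmlException ex) { Console.WriteLine("raw write produced invalid XML: " + ex.Message); }
    }
}
```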
When to suppress
Don't suppress warnings from this rule.