NVelocity and XSS
NVelocity is a view engine for MonoRail. It’s quite handy and it’s not difficult to deliver such views.
One of the flows I can name can be the security issues. By default there’s not much support for security. For instance it’s possible to perform XSS (Cross-site scripting) attacks by providing XHTML or JavaScript code.
I spent some time googleing for …