Cross-Site Scripting (XSS) in .NET Framework
The .NET framework allows to use the direct ResolveURL in order to load static contents from the application root root relative and not to worry about relative or absolute paths. However, this directive can be abused to inject arbitrary content in the URL which will then be reflected in a HTML ta...