A8:2017 - Insecure Deserialization

Unofficial Content

Actions by GeneXus

  • GeneXus brings serialization/deserialization secure mechanisms as FromJSONToJSONFromXMLToXML.
  • When the SDT's ToXML or ToJSON functions are used GeneXus codes the entries.
  • When the XML is manually readed/writen XMLWriter and XMLReader functions code/decode the entries and values accordingly.

Actions by Developers