The OWASP Top 10 lists injection flaws and cross-site scripting (XSS) as the two most significant application security risks (https://www.owasp.org/index.php/Top_10_2010-Main) This training session will walk audience members through methods for fixing identified SQL injection and cross-site scripting vulnerabilities – highlighting common mistakes that are made as well as more secure approaches. Code examples will be provided for popular platforms including Java EE, ASP.NET.