We are using ColsedXml.dll In our application. We are mandated by our organization to scan our code in Veracode Site for security scan. While running the scan we got __"Cross site scripting flaws in ColsedXml.dll"__
Please advise to fix/overcome these flaws.
__Issues Details:
Cross-Site Scripting - Insufficient Entropy (CWE ID 331) - Cryptographic Issues
Module: ClosedXML.dll (Product Version 0.69.1.0)__
1) In closedxml_dll.
File name : ClosedXML.Excel.CalcEngine.MathTrig
Method Name : RandBetween
2) In closedxml_dll.
File name : ClosedXML.Excel.CalcEngine.MathTrig
Method Name : Rand
Please advise to fix/overcome these flaws.
__Issues Details:
Cross-Site Scripting - Insufficient Entropy (CWE ID 331) - Cryptographic Issues
Module: ClosedXML.dll (Product Version 0.69.1.0)__
1) In closedxml_dll.
File name : ClosedXML.Excel.CalcEngine.MathTrig
Method Name : RandBetween
2) In closedxml_dll.
File name : ClosedXML.Excel.CalcEngine.MathTrig
Method Name : Rand