I am new to asp.net development
I develop login form with username and password
I finished off with my work but any how my login
table has injected with sort of script as
username
"> </title><script src="http://it
password
"> </title><script src="http://it
I have written simple query as
SELECT * FROM user WHERE userid = 'admin' AND password = 'ms2012'
I thought some body has injected in a username and password textbox
But I don't understand how they did. Can anybody explain how they have updated it and what should I do to avoid it?