dotDefender is prone to a XSS because it doesn't satinate the input vars
assignment, the dotDefender WAF is vulnerable.
Class: Input Validation Error
Credit: David K. (SH4V)
Vulnerable: till 4.02
More information here: