How to prevent XPath/XML injection in .NET

Question

How can I prevent XPATH injection in the .NET Framework?

We were previously using string concatenation to build XPATH statements, but found that end users could exec

Answer 1

Parameterized XPath is possible if you use Saxon as your XPath processor.