National Institute of Standards and Technology
Package illustrating a test case

Test case 198369

Description

Unsafe sample
input : get the field userData from the variable $_GET via an object, which store it in a array
sanitize : use of the function htmlentities. Sanitizes the query but has a high chance to produce unexpected results
File : use of untrusted data in a unquoted attribute

Flaws

Test Suites

Have any comments on this test case? Please, send us an email.