National Institute of Standards and Technology
Package illustrating a test case

Test case 198380

Description

Unsafe sample
input : get the field userData from the variable $_GET via an object, which store it in a array
sanitize : use of the function htmlentities. Sanitizes the query but has a high chance to produce unexpected results
File : use of untrusted data in a double quoted property value (CSS)

Flaws

Test Suites

Have any comments on this test case? Please, send us an email.