National Institute of Standards and Technology
Package illustrating a test case

Test case 198390

Description

Unsafe sample
input : get the field userData from the variable $_GET via an object, which store it in a array
sanitize : use of the function htmlspecialchars. Sanitizes the query but has a high chance to produce unexpected results
File : use of untrusted data in a unquoted attribute

Flaws

Test Suites

Have any comments on this test case? Please, send us an email.