Test case 2168

Type: source code
State: bad
Author: Sue Wang
Status: accepted
Language: Java
Submission Date: 30 Apr 2010

Description

This code demos the Reflected XSS (or Non-Persistent) ==> "Container Bad Case".
* The servlet reads the user input from the HTTP request and directly reflects
* the user input back into the HTTP response.

Flaws

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Have any comments on this test case? Please, send us an email.