National Institute of Standards and Technology
Package illustrating a test case

Test case 2170

Description

This code demos the Reflected XSS (or Non-Persistent) ==> "Scope Bad Case". The servlet reads the user input from the HTTP request and directly reflects the user input back into the HTTP response.

Flaws

Have any comments on this test case? Please, send us an email.