Test case 2178

Type: source code
State: bad
Status: accepted
Language: Java
Submission Date: 30 Apr 2010

Description

This code demos the Stored XSS (or Presistent) ==> "Scope Bad Case". The servlet retrieves the records from database and directly reflects it back into the HTTP response.

Flaws

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Have any comments on this test case? Please, send us an email.