Java code makes a call into a potentially unsafe unmanaged DLL. The bad case allows the user to specify the length of the input string. In addition, the case does not recognize the limitations of the unmanaged code and does no input validation.

This code demos the Stored XSS (or Presistent) ==> "Loop Good Case". The servlet retrieves the records from database and reflects it back into the HTTP response after performing the validate, filter, escape and encode of that retrieved data.

This code demos the Stored XSS (or Presistent) ==> "Container Good Case". The servlet retrieves the records from database and reflects it back into the HTTP response after performing the validate, filter, escape and encode of that retrieved data.

This code demos the Stored XSS (or Presistent) ==> "Basic Good Case". The servlet retrieves the records from database and reflects it back into the HTTP response after performing the validate, filter, escape and encode of that retrieved data.

This code demos the Stored XSS (or Presistent) ==> "Scope Good Case". The servlet retrieves the records from database and reflects it back into the HTTP response after performing the validate, filter, escape and encode of that retrieved data.

This code demos the Stored XSS (or Presistent) ==> "Scope Bad Case". The servlet retrieves the records from database and directly reflects it back into the HTTP response.

This code demos the Stored XSS (or Presistent) ==> "Loop Bad Case". The servlet retrieves the records from database and directly reflects it back into the HTTP response.

This code demos the Stored XSS (or Presistent) ==> "Container Bad Case". The servlet retrieves the records from database and directly reflects it back into the HTTP response.

This code demos the Stored XSS (or Presistent) ==> "Basic Bad Case". The servlet retrieves the records from database and directly reflects it back into the HTTP response.

This code (java servlet) has a FIX to Failure to Preserve Web Page Structure 'Cross-site Scripting (XSS)' CWE-79 vulnerability, with code complexity of scope.

This code (java servlet) has a FIX to Failure to Preserve Web Page Structure 'Cross-site Scripting (XSS)' CWE-79 vulnerability, with code complexity of loop.

This code (java servlet) has a FIX to Failure to Preserve Web Page Structure 'Cross-site Scripting (XSS)' CWE-79 vulnerability, with the code complexity of container.

This code (java servlet) has a FIX to Failure to Preserve Web Page Structure 'Cross-site Scripting (XSS)' CWE-79 vulnerability.

This code demos the Reflected XSS (or Non-Persistent) ==> "Scope Bad Case". The servlet reads the user input from the HTTP request and directly reflects the user input back into the HTTP response.

This code demos the Reflected XSS (or Non-Persistent) ==> "Loop Bad Case". The servlet reads the user input from the HTTP request and directly reflects the user input back into the HTTP response.

This code demos the Reflected XSS (or Non-Persistent) ==> "Container Bad Case". * The servlet reads the user input from the HTTP request and directly reflects * the user input back into the HTTP response.

This code demos the Reflected XSS (or Non-Persistent) ==> "Basic Bad Case". * The servlet reads the user input from the HTTP request and directly reflects * the user input back into the HTTP response.

This servlet implements a fixed SQL injection vulnerability with a scope complexity: a SQL request is sent to the database after testing if the current name takes part of the allowed ones.

This servlet implements a fixed SQL injection vulnerability with an array index complexity: a SQL request is sent to the database after testing if the current name takes part of the allowed ones.

This servlet implements a fixed SQL injection vulnerability: a SQL request is sent to the database after testing if the current name takes part of the allowed ones.

This servlet implements an SQL injection vulnerability with a scope complexity: an unsanitized SQL request is sent to the database.

This servlet implements an SQL injection vulnerability with an array index complexity: an unsanitized SQL request is sent to the database.

This servlet implements an SQL injection vulnerability: an unsanitized SQL request is sent to the database.

This servlet implements a fixed Cross-Site Scripting vulnerability (XSS) with a loop complexity: the data provided by the client in the field "data" is encoded so there is no more XSS.

This servlet implements a fixed Cross-Site Scripting vulnerability (XSS) with a container complexity: the data provided by the client in the field "data" is encoded so there is no more XSS.