CWE: 80 Cross Site Scripting (XSS) BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 01 Baseline

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Val...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...