Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 10501 - 10525 of 32356 in total

CWE-80

145077-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...
CWE-80

145076-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145075-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...
CWE-80

145074-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145073-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145072-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...
CWE-80

145071-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...
CWE-80

145070-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...
CWE-80

145069-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145068-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145067-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145066-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145065-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145064-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145063-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145062-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145061-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145060-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145059-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145058-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145057-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145056-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145055-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145054-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...
CWE-80

145053-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...

Results per page