Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 10526 - 10550 of 32356 in total

CWE-80

145052-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145051-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145050-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145049-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145048-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145047-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145046-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...
CWE-80

145045-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145044-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145043-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145042-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145041-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145040-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145039-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...
CWE-80

145038-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145037-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...
CWE-80

145036-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...
CWE-80

145035-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145034-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145033-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Dat...
CWE-80

145032-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...
CWE-80

145031-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...
CWE-80

145030-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...
CWE-80

145029-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...
CWE-80

145028-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

Results per page