CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into U...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...