CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Un...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: ...