CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 11 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 10 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 09 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 08 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 07 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 06 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 05 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 04 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 03 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 02 Contr...

CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flow Variant: 01 Baseline

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Fl...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Va...

CWE: 80 Cross Site Scripting (XSS) BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Fl...