Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 17476 - 17500 of 74755 in total

CWE-80

59190-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 19 Control flow: Dead code after an if(true) return
CWE-80

59189-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 17 Control flow: for loops
CWE-80

59188-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 16 Control flow: while(true) and while(local_f)
CWE-80

59187-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 15 Control flow: switch(6)
CWE-80

59186-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 14 Control flow: if(IO.static_five==5) and if(IO.static_five!=5)
CWE-80

59185-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 13 Control flow: if(IO.static_final_five==5) and if(IO.static_final_five!=5)
CWE-80

59184-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 12 Control flow: if(IO.static_returns_t_or_f())
CWE-80

59183-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 11 Control flow: if(IO.static_returns_t()) and if(IO.static_returns_f())
CWE-80

59182-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 10 Control flow: if(IO.static_t) and if(IO.static_f)
CWE-80

59181-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 09 Control flow: if(IO.static_final_t) and if(IO.static_final_f)
CWE-80

59180-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 08 Control flow: if(private_returns_t()) and if(private_returns_f())
CWE-80

59179-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 07 Control flow: if(private_five==5) and if(private_five!=5)
CWE-80

59178-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 06 Control flow: if(private_final_five==5) and if(private_final_five!=5)
CWE-80

59177-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 05 Control flow: if(private_t) and if(private_f)
CWE-80

59176-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 04 Control flow: if(private_final_t) and if(private_final_f)
CWE-80

59175-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 03 Control flow: if(5==5) and if(5!=5)
CWE-80

59174-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 02 Control flow: if(true) and if(false)
CWE-80

59173-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: getCookiesServlet Read data from the first cookie GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 01 Baseline
CWE-80

59172-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: fromFile Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 71 Data flow: data passed as an Object reference argument from one method to another in dif...
CWE-80

59171-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: fromFile Read data from file (named c:\data.txt) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 68 Data flow: data passed as a member variable in the "a" class, which is used by a method in anothe...
CWE-80

59170-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: fromFile Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 67 Data flow: data passed in a class from one method to another in different source files i...
CWE-80

59169-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: fromFile Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 66 Data flow: data passed in an array from one method to another in different source files ...
CWE-80

59168-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: fromFile Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 61 Data flow: data returned from one method to another in different classes in the same pac...
CWE-80

59167-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: fromFile Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 54 Data flow: data passed as an argument from one method through three others to a fifth; a...
CWE-80

59166-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: fromFile Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 53 Data flow: data passed as an argument from one method through two others to a fourth; al...

Results per page