Juliet Java 1.3 with extra support Test suite #109

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 18...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...

CWE: 80 Cross Site Scripting (XSS) BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: Display of data in web page after using replaceAll() to remove script tags, which will still allow XSS (CWE 182: Collapse of Data into Unsafe Value) Flo...