Deprecated test suite
Juliet Java 1.2 with extra support Test suite #87
DownloadDescription
This is a collection of test cases in the Java language. It contains examples for 112 different CWEs.NOTE: This package contains only individual test cases. We recommend to download the full test suite at the top of the "Test Suite" page. All documents related to the Juliet Test Suite can be found at the documents page
Displaying test cases 21901 - 21925 of 25477 in total
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 54 Data flow: data passed as an argument from one method through three others to a fif...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 61 Data flow: data returned from one method to another in different classes in the sam...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 66 Data flow: data passed in an array from one method to another in different source f...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 67 Data flow: data passed in a class from one method to another in different source fi...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 68 Data flow: data passed as a member variable in the a class, which is used by a method in an...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 71 Data flow: data passed as an Object reference argument from one method to another i...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 72 Data flow: data passed in a Vector from one method to another in different source f...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 73 Data flow: data passed in a LinkedList from one method to another in different sour...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 74 Data flow: data passed in a HashMap from one method to another in different source ...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 75 Data flow: data passed in a serialized object from one method to another in differe...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: BadSink : Display of data in web page without any encoding or validation Flow Variant: 81 Data flow: data passed in a parameter to an abstract method
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 01 Baseline
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 02 Control flow: if(true) and if(false)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 03 Control flow: if(5==5) and if(5!=5)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 04 Control flow: if(PRIVATE_STATIC_FINAL_TRUE) and if(PRIVA...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 05 Control flow: if(privateTrue) and if(privateFalse)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 06 Control flow: if(PRIVATE_STATIC_FINAL_FIVE==5) and if(PR...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 07 Control flow: if(privateFive==5) and if(privateFive!=5)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 08 Control flow: if(privateReturnsTrue()) and if(privateRet...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 09 Control flow: if(IO.STATIC_FINAL_TRUE) and if(IO.STATIC_...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 10 Control flow: if(IO.staticTrue) and if(IO.staticFalse)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 11 Control flow: if(IO.staticReturnsTrue()) and if(IO.stati...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 12 Control flow: if(IO.staticReturnsTrueOrFalse())
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 13 Control flow: if(IO.STATIC_FINAL_FIVE==5) and if(IO.STAT...
-
CWE: 80 Cross Site Scripting (XSS) BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: Display of data in web page without any encoding or validation Flow Variant: 14 Control flow: if(IO.staticFive==5) and if(IO.staticFive!=5)