SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #1938

Back to the previous page... Back to the previous page

Test Case IDCandidate1938
Bad / Good / MixedBadBad test case
Author
Associations
Test suite: 31  
Added byRomain Gaucher
LanguagePHP
Type of test caseSource Code
Input stringi=42<script>alert(/xss/);</script> and q=<script>alert(/xss/);</script>
Expected Output
Instructions
Submission date2007-03-08
DescriptionThe test case shows a basic Cross-Site Scripting in PHP. The associate level of defense is 1. Here we show how to use the typecasting mechanism.
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') on line(s): 19, 21