Test case 1939

Type: source code
State: bad
Status: candidate
Language: PHP
Submission Date: 08 Mar 2007

Description

The test case shows a basic Cross-Site Scripting in PHP. The associate level of defense is 2.
Here we show how to use the replacements of the characters <,>,\',\" etc.

Flaws

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Test Suites

Web Applications in PHP

Have any comments on this test case? Please, send us an email.