SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #2153

Back to the previous page... Back to the previous page

Test Case IDAccepted2153
Bad / Good / MixedBadBad test case
AuthorCharline Cleraux
Test suite: 63  65  
Added byCharline Cleraux
Type of test caseSource Code
Input stringdata
Expected Output
Submission date2010-02-02
DescriptionThis servlet implements a Cross-Site Scripting vulnerability (XSS): the data provided by the client in the field "data" is written as is, without any filtering, to the output document.

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') on line(s): 53