SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #2160

Back to the previous page... Back to the previous page

Test Case IDAccepted2160
Bad / Good / MixedGoodGood test case
AuthorCharline Cleraux
Test suite: 64  
Added byCharline Cleraux
Type of test caseSource Code
Input stringdata
Expected Output
Submission date2010-02-02
DescriptionThis servlet implements a fixed Cross-Site Scripting vulnerability (XSS) with a loop complexity: the data provided by the client in the field "data" is encoded so there is no more XSS.

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') on line(s): 0, 51, 55, 57