diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
index 8bc916874..87ece4df9 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
@@ -22,8 +22,8 @@ public class Challenge2 extends AssignmentEndpoint {
     @RequestMapping(method = RequestMethod.POST)
     public
     @ResponseBody
-    AttackResult completed(@RequestParam String couponCode) throws IOException {
-        if (SUPER_COUPON_CODE.equals(couponCode)) {
+    AttackResult completed(@RequestParam String checkoutCode) throws IOException {
+        if (SUPER_COUPON_CODE.equals(checkoutCode)) {
             return success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(2)).build();
         }
         return failed().build();
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index 8c9bbc78d..b937495a8 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -61,74 +61,82 @@
     <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
     <div class="attack-container">
         <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-        <div class="container">
-            <div class="row">
-                <div class="col-xs-3 item-photo">
-                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
-                </div>
-                <div class="col-xs-5" style="border:0px solid gray">
-                    <h3>Samsung Galaxy S8 Plus Android Phone</h3>
-                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
-                        <small style="color:#337ab7">(124421 reviews)</small>
-                    </h5>
+        <form class="attack-form" accept-charset="UNKNOWN"
+              method="POST" name="form"
+              action="/WebGoat/challenge/2"
+              enctype="application/json;charset=UTF-8">
+            <div class="container">
 
-                    <h6 class="title-price">
-                        <small>PRICE</small>
-                    </h6>
-                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
+                <div class="row">
+                    <div class="col-xs-3 item-photo">
+                        <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
+                    </div>
+                    <div class="col-xs-5" style="border:0px solid gray">
+                        <h3>Samsung Galaxy S8 Plus Android Phone</h3>
+                        <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
+                            <small style="color:#337ab7">(124421 reviews)</small>
+                        </h5>
 
-                    <div class="section">
-                        <h6 class="title-attr" style="margin-top:15px;">
-                            <small>COLOR</small>
+                        <h6 class="title-price">
+                            <small>PRICE</small>
                         </h6>
-                        <div>
-                            <div class="attr" style="width:25px;background:lightgrey;"></div>
-                            <div class="attr" style="width:25px;background:black;"></div>
+                        <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
+
+                        <div class="section">
+                            <h6 class="title-attr" style="margin-top:15px;">
+                                <small>COLOR</small>
+                            </h6>
+                            <div>
+                                <div class="attr" style="width:25px;background:lightgrey;"></div>
+                                <div class="attr" style="width:25px;background:black;"></div>
+                            </div>
                         </div>
-                    </div>
-                    <div class="section" style="padding-bottom:5px;">
-                        <h6 class="title-attr">
-                            <small>CAPACITY</small>
-                        </h6>
-                        <div>
-                            <div class="attr2">64 GB</div>
-                            <div class="attr2">128 GB</div>
+                        <div class="section" style="padding-bottom:5px;">
+                            <h6 class="title-attr">
+                                <small>CAPACITY</small>
+                            </h6>
+                            <div>
+                                <div class="attr2">64 GB</div>
+                                <div class="attr2">128 GB</div>
+                            </div>
                         </div>
-                    </div>
-                    <div class="section" style="padding-bottom:20px;">
-                        <h6 class="title-attr">
-                            <small>QUANTITY</small>
-                        </h6>
-                        <div>
-                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
-                            <input class="quantity" value="1"/>
-                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
+                        <div class="section" style="padding-bottom:20px;">
+                            <h6 class="title-attr">
+                                <small>QUANTITY</small>
+                            </h6>
+                            <div>
+                                <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
+                                <input class="quantity" value="1"/>
+                                <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
+                            </div>
                         </div>
-                    </div>
 
-                    <div class="section" style="padding-bottom:20px;">
-                        <h6 class="title-attr">
-                            <small>CHECKOUT CODE</small>
-                        </h6>
+                        <div class="section" style="padding-bottom:20px;">
+                            <h6 class="title-attr">
+                                <small>CHECKOUT CODE</small>
+                            </h6>
 
-                        <!--
-                          Checkout code: pre-order-webgoat, pre-order-owasp, pre-order-webgoat-owasp
-                        -->
-                        <input class="checkoutCode" value=""/>
+                            <!--
+                              Checkout code: pre-order-webgoat, pre-order-owasp, pre-order-webgoat-owasp
+                            -->
+                            <input name="checkoutCode" class="checkoutCode" value=""/>
 
-                    </div>
+                        </div>
 
-                    <div class="section" style="padding-bottom:20px;">
-                        <button class="btn btn-success"><span style="margin-right:20px"
-                                                              class="glyphicon glyphicon-shopping-cart"
-                                                              aria-hidden="true"></span>Buy
-                        </button>
-                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty" style="cursor:pointer;"></span>
-                            Like</a></h6>
+                        <div class="section" style="padding-bottom:20px;">
+                            <button type="submit" class="btn btn-success"><span style="margin-right:20px"
+                                                                  class="glyphicon glyphicon-shopping-cart"
+                                                                  aria-hidden="true"></span>Buy
+                            </button>
+                            <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
+                                                  style="cursor:pointer;"></span>
+                                Like</a></h6>
+                        </div>
                     </div>
                 </div>
+
             </div>
-        </div>
+        </form>
         <br/>
         <div>
             <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
index a9177c5b2..6849340ea 100644
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
@@ -1 +1 @@
-=== No need to pay... (WIP!!)
\ No newline at end of file
+=== No need to pay...
\ No newline at end of file