- Contains the XMLInjection lesson.
- New files added: XMLInjection.html, XMLInjection.java and XMLInjection/EmployeesData.xml git-svn-id: http://webgoat.googlecode.com/svn/trunk@33 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
@ -17,5 +17,5 @@ One technique is to manipulate the URL in the browser by deleting sections from
|
||||
<!-- Start Instructions -->
|
||||
* Your goal should be to try to guess the URL for the "config" interface.<br>
|
||||
* The "config" URL is only available to the maintenance personnel.<br>
|
||||
* The application doesn't check for horizontal priveleges.
|
||||
* The application doesn't check for horizontal privileges.
|
||||
<!-- Stop Instructions -->
|
||||
|
Reference in New Issue
Block a user