- Contains the XMLInjection lesson.

- New files added:
  XMLInjection.html, XMLInjection.java and XMLInjection/EmployeesData.xml

git-svn-id: http://webgoat.googlecode.com/svn/trunk@33 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
sherif.fathy
2006-12-02 19:45:59 +00:00
parent c2aee8017e
commit 51d40b7b22
6 changed files with 247 additions and 3 deletions

View File

@ -17,5 +17,5 @@ One technique is to manipulate the URL in the browser by deleting sections from
<!-- Start Instructions -->
* Your goal should be to try to guess the URL for the "config" interface.<br>
* The "config" URL is only available to the maintenance personnel.<br>
* The application doesn't check for horizontal priveleges.
* The application doesn't check for horizontal privileges.
<!-- Stop Instructions -->