dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Modified Silent Transactions and XML Injection lesson per Bruce's comments

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@55 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
sherif.fathy
2006-12-30 08:07:48 +00:00
parent ba38b57a44
commit 63043b0f34
3 changed files with 118 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat/main/project/WebContent/lesson_plans/XMLInjection.html
View File

@ -14,5 +14,5 @@ AJAX applications use XML to exchange information with the server. This XML can
</div>
<p><b>General Goal(s):</b> </p>
<!-- Start Instructions -->
The form below takes your WebGoat Rewards Mile account and returns back the kind of rewards you can afford. Your goal is to try to add more rewards to your allowed set of rewards. Your account ID is 836239.
WebGoat-Miles Reward Miles shows all the rewards available. Once, you enter your account ID, it will show you your balance and the ones that you can afford. Your goal is to try to add more rewards to your allowed set of rewards. Your account ID is 836239.
<!-- Stop Instructions -->