Restructured the baseline to remove extra src/main directory structure. Added eclipes project file

git-svn-id: http://webgoat.googlecode.com/svn/branches/webgoat-6.0@485 4033779f-a91e-0410-96ef-6bf7bf53c507
2012-11-19 23:57:51 +00:00
parent fb938e0933
commit 6a96547ef0
1204 changed files with 85 additions and 2 deletions
--- a/webapp/lesson_plans/en/ReflectedXSS.html
+++ b/webapp/lesson_plans/en/ReflectedXSS.html
@ -0,0 +1,13 @@
+<div align="Center">
+<p><b>Lesson Plan Title: </b>How to Perform Reflected Cross Site Scripting (XSS)</p>
+</div>
+<p><b>Concept / Topic To Teach:</b> </p>
+<!-- Start Instructions -->
+It is always a good practice to validate all input on the server side.
+ XSS can occur when unvalidated user input is used in an HTTP response. 
+ In a reflected XSS attack, an attacker can craft a URL with the attack 
+ script and post it to another website, email it, or otherwise get a 
+ victim to click on it. 
+<!-- Stop Instructions -->
+<p><b>General Goal(s):</b> </p>
+For this exercise, your mission is to come up with some input containing a script. You have to try to get this page to reflect that input back to your browser, which will execute the script and do something bad.