* Log spoofing lesson this includes the following file:

- LogSpoofing.html - LogSpoofing.java git-svn-id: http://webgoat.googlecode.com/svn/trunk@27 4033779f-a91e-0410-96ef-6bf7bf53c507
2006-11-01 02:26:51 +00:00
parent 1a9d859507
commit ca2dfa27d1
4 changed files with 137 additions and 0 deletions
--- a/webgoat/main/project/WebContent/WEB-INF/webgoat-lmc.properties
+++ b/webgoat/main/project/WebContent/WEB-INF/webgoat-lmc.properties
@ -14,6 +14,7 @@ lesson.PathBasedAccessControl.ranking=20
 category.Cross-Site\ Scripting\ (XSS).ranking=41
 lesson.StoredXss.ranking=10
 lesson.ReflectedXSS.ranking=20
+lesson.CSRF.ranking=30

 category.Unvalidated\ Parameters.ranking=51
 lesson.HiddenFieldTampering.ranking=10
@ -27,6 +28,7 @@ category.Injection\ Flaws.ranking=71
 lesson.SqlNumericInjection.ranking=10
 lesson.SqlStringInjection.ranking=20
 lesson.CommandInjection.ranking=30
+lesson.LogSpoofing.ranking=40

 category.Improper\ Error\ Handling.ranking=81
 lesson.FailOpenAuthentication.ranking=10