dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

renamed JavaSource -> java, WebContent -> webapp regarding to Maven convention

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@392 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
ch.ko123
2009-11-01 11:04:59 +00:00
parent 6cc4a44d86
commit f99fad493c
1033 changed files with 13 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
main/project/webapp/lesson_plans/English/ReflectedXSS.html Normal file
View File

@ -0,0 +1,13 @@
<div align="Center">
<p><b>Lesson Plan Title: </b>How to Perform Reflected Cross Site Scripting (XSS)</p>
</div>
<p><b>Concept / Topic To Teach:</b> </p>
<!-- Start Instructions -->
It is always a good practice to validate all input on the server side.
XSS can occur when unvalidated user input is used in an HTTP response.
In a reflected XSS attack, an attacker can craft a URL with the attack
script and post it to another website, email it, or otherwise get a
victim to click on it.
<!-- Stop Instructions -->
<p><b>General Goal(s):</b> </p>
For this exercise, your mission is to come up with some input containing a script. You have to try to get this page to reflect that input back to your browser, which will execute the script and do something bad.