Cross Site Scripting Attack 941110 from application java_2 to application Unknown Client_test
Created by: armorcodegithubpreprod[bot]
Cross Site Scripting Attack 941110 from application java_2 to application Unknown Client
Attack Description: XSS Filter - Category 1: Script Tag Vector
Matched Data:
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Demo SQL injection code</title>
</head>
<body>
<img alt="bank logo" src="banklogo.png" height = 100px width = 250px style="margin-top:55px;margin-left:500px;">
<!-- <h1><center>Welcome to ACME Bank</center></h1>-->
<BR>
<BR>
<p align= center>
For SQLi attack use admin' OR ' 1 = 1 -- in password field.
</p>
<div>
<form action = login.jsp method = get align = center>
<BR><Label>User Name</Label> <input type = text name = txtusername><BR>
<BR><Label>Password</Label> <input type = password name = txtpass><BR>
<BR><input type = submit value = submit>
</form>
</div>
<BR>
<BR>
<BR>
<p align= center>
For XSS attack use mydata"\><script>alert('XSS');</script> in search field.
</p>
<div>
<form action = index.jsp method = get align = center>
<BR><Label>Previous Search: </Label> mydata"\><script>alert('XSS');</script><BR>
<BR><Label>Search</Label> <input type = search name = search><BR>
<BR><input type = submit value = search>
</form>
</div>
</body>
</html>
Rule Id26725467-8968-4858-8736-1cd9c762462b
https://preprod.armorcode.ai/#/findings/4429527
Knowledge Base: Man in the Middle (MITM) Attack:https://preprod.armorcode.ai/#/knowledgeBase/45