Reflected cross-site scripting (XSS)

Description

It is possible to inject JavaScript code in the application fields. This could allow an attacker to compromise a user's session.

Requirements

• 029. Cookies with security attributes

• 173. Discard unsafe inputs