#StackBounty: #web-application #xss #javascript #vulnerability #jsp Can “c:set” cause Cross Site Scripting (XSS) vulnerability?

Bounty: 100

Can this be exploited as an XSS vulnerability using URLs like localhost/?myVar=<script>alert(document.cookie)</script> or through any other possibility?

<c:set var="myVar" value="<%=request.getParameter("myVar")%>"/>
<c:if test="${myVar == 'VALUE1'}">
   <option value="a">A</option>
   <option value="b">B</option>
</c:if>
<c:if test="${myVar == 'VALUE2'}">
   <option value="c">C</option>
   <option value="d">D</option>
</c:if>

How can we secure ourselves from this?
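The fragment in the question only compares myVar against fixed literals and never writes it into the response, so on its own it does not reflect the parameter; the exposure appears the moment the same value is later emitted with ${myVar} or a scriptlet. The JSP below is an added example (not code from the question) that keeps the same selection logic but reads the parameter through EL and shows the output-escaping that JSTL already provides; the select name, the option labels and the "You chose" line are assumed for illustration.

```jsp
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>

<%-- Same value as request.getParameter("myVar"), without a scriptlet --%>
<c:set var="myVar" value="${param.myVar}"/>

<%-- Comparing against literals is safe: the input is never written to the page.
     An unknown value (including <script>...) simply matches no branch. --%>
<select name="choice">  <%-- element name assumed --%>
<c:choose>
  <c:when test="${myVar == 'VALUE1'}">
    <option value="a">A</option>
    <option value="b">B</option>
  </c:when>
  <c:when test="${myVar == 'VALUE2'}">
    <option value="c">C</option>
    <option value="d">D</option>
  </c:when>
  <c:otherwise>
    <option value="">--</option>
  </c:otherwise>
</c:choose>
</select>

<%-- UNSAFE (kept commented out): raw EL output writes the parameter verbatim,
     so markup in it becomes part of the page.
     <p>You chose ${myVar}</p>
--%>

<%-- SAFE in HTML body context: c:out has escapeXml="true" by default and
     turns < > & ' " into entities, so the value is shown as text. --%>
<p>You chose <c:out value="${myVar}"/></p>

<%-- SAFE in an attribute: escape explicitly with the fn taglib --%>
<input type="hidden" name="myVar" value="${fn:escapeXml(myVar)}"/>
```

The rule that follows from this: c:set itself is not the sink, output is. Escape at every point where the stored value reaches the response, and prefer c:out or fn:escapeXml over ${...} and <%= %> for anything that originated in a request parameter. These helpers escape for HTML element and attribute context only; a value placed inside a script block or a URL needs escaping for that context instead.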
