The test successfully embedded a script in the response, which will be executed once the page is loaded in the user's browser. This means that the application is vulnerable to the Cross-Site Scripting attack. The file 500page.jsp should escape the attributes and parameters to prevent code execution. [3 of 5] Cross-Site Scripting Severity: High Test Type: Application Vulnerable URL: http://xxx.yyy.com:8080/addpersonalspacetofavourites.action (Parameter = key) Remediation Tasks: Filter out hazardous characters from user input Variant 1 of 8 [ID=574034] The following changes were applied to the original request: • Injected '<script>alert("Watchfire%20XSS")</script>' into parameter 'key's value Request/Response: GET /addpersonalspacetofavourites.action?nonBlankResult=true&key=<script>alert ("Watchfire%20XSS")</script> HTTP/1.0 Cookie: seraph.confluence=Zh\hNiQi[hZiOf]fOm\fOfUgSfZfWkYkWk; confluence.list.pages.cookie=list-alphabetically; confluence.browse.space.cookie=space-templates; JSESSIONID=7FC6827BCA10B0042DE6BE0536A246D0 Accept: / Accept-Language: en-US User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32) Host: xxxx.yyyy.com:8080 Referer: http://xxx.yyyy.com:8080/dopeopledirectorysearch.action? searchQueryBean.queryString=&showOnlyPersonal=true HTTP/1.1 500 Internal Server Error Content-Length: 23985 Server: Apache-Coyote/1.1 Content-Type: text/html;charset=ISO-8859-1 Date: Wed, 22 Aug 2007 20:26:11 GMT Connection: close <html> <head> <title>Oops - an error has occurred</title> <link rel="stylesheet" href="/styles/main-action.css" type="text/css" /> <script language="JavaScript" type="text/javascript" src="/includes/js/cookieUtils.js"></script> <style> ...