Test injection

On the other hand, a negative test does not always mean that a person is free of tuberculosis. People who have been infected with TB may not have a positive skin test (known as a false negative result) if their immune function is compromised by chronic medical conditions, cancer chemotherapy , or AIDS . Additionally, 10%-25% of people with newly diagnosed tuberculosis of the lungs will also have a negative result, possibly due to poor immune function, poor nutrition , accompanying viral infection, or steroid therapy. Over 50% of patients with widespread, disseminated TB (spread throughout the body, known as miliary TB) will also have a negative TB test.

You can determine if a web-based application is vulnerable to XSS attacks very easily. A simple easy test is to take a current parameter that is sent in the HTTP GET request and modify it. Take for example the following request in the browser address URL bar. This url will take a name parameter that you enter in a textbox and print something on the page. Like "Hello George, thank you for coming to my site"


And modify it so that add an extra some additional information to the parameter. For example try entering something similar to the following request in the browser address URL bar.

http:///?name=<script>alert('You just found a XSS vulnerability')</script>

If this pops up an alert message box stating "You just found a XSS vulnerability", then you know this parameter is vulnerable to XSS attacks. The parameter name is not being validating, it is allowing anything to be processed as a name, including a malicious script that is injected into the parameter passed in. Basically what is occurring is normally where the name George would be entered on the page the </script></script> message is instead being written to the dynamic page. The alert message just is an example of how to test for the XSS vulnerability. A malicious hacker would be much more devious to this type of security vulnerability.

Test injection

test injection


test injectiontest injectiontest injectiontest injectiontest injection