OWASP ZAP WAVE - XSS Form basic

OWASP ZAP WAVE - Simple XSS in a Form parameter

Description

The 'name' parameter in the form is written to the page if (and only if) its used as a URL parameter without being sanitised and so is vulnerable to a simple script injection attack.
Only a GET is vulnerable, not a POST.

Name:

OWASP ZAP WAVE - Simple XSS in a Form parameter

Description

Example