Cross Site Scripting Defect Fix, Small Job, Easy quick fix JavaScript, HTML, JSP
$30-250 USD
Closed
Posted over 9 years ago
Paid on delivery
There are web security issues in a small 4-page web application. There are 2 defects that need to be fixed related to Cross Site Scripting.
Issue 1:
General: CSS issue when uploading a file. (HTML, JavaScript, JSP code)
Causes: Sanitation of hazardous characters was not performed correctly on user input
Reasoning: The test result seems to indicate a vulnerability because Appscan successfully embedded a script in the response, which will be executed when the page loads in the user's browser.
Solution: Refer to Page 45 in the attached document (Review possible solutions for hazardous character injection)
Issue reported on pages 9, 10, 11, 12 of the PDF (only Cross Site Scripting)
- Please check the detailed report
Good knowledge of HTML, Cross Site Scripting, JavaScript, OWASP Framework, etc. will help to complete this project. Complete technical support will be available. Any questions or queries or technical assistance will be provided. Support via Skype/video conference or conversation will be provided. Please ask questions if you need help with the requirements.
***** You will be awarded this project and excellent feedback for good work. I am a 5.0/5.0 employer. I will create 100% Milestone Money. It will be fun and exciting to work together. The project would take approx. a few hours for a good developer. I will have more projects to share in the future. 100% clear requirements will be provided. The bidder with a good reputation will be selected. Questions are always welcome.
*** Please bid accordingly; the maximum budget for this project is $50 only. Source code will be provided.
Dear Sir. We claim to get it done perfectly for you EXACTLY in the way you want it - Kindly give us a chance and we will prove ourselves -
Ready to prove our words, let's get it done right away and I mean RIGHT AWAY !!
Looking forward to hearing from you soon - GOD Bless You.
Relating to the attached security report, it looks like the form requires just a few simple modifications that will protect it from any XSS attacks. OWASP Framework developers have already implemented some exploitable functions, so it will be as fast as just a simple code overview to fix. Accordingly, I don't think that it is worth more than the 35$ offered by me. I am also a 5.0/5.0 freelancer and want to keep this rank by, inter alia, working conscientiously for and with you. Kindest regards, Michal Zezyk.
Hi - As the Project Leader for the OWASP ESAPI Project and Chief Architect of an Application Security Firm, I can get this done for you quickly *and* correctly. Please feel free to reach out with any questions.
I am writing this to explain why I should be awarded the project. I am a software professional with 11 years of work experience and I have worked in various domains such as Telecom/Datacom, Financial Services and Oil And Gas. I have implemented and run two Matrimonial sites that are running successfully. My sites have been thoroughly tested with a proper test plan with about 100 odd test cases. Initially a test plan with test cases is going to be prepared and all test cases are going to be executed and I am sure all bugs would be discovered and corrected.
Hi sir,
This website is developed in the Struts 1 Java framework, right?
I have 2 years of experience in Java web technology,
and also knowledge of JavaScript, jQuery, jQuery UI, Bootstrap 3, CSS3, HTML5, etc.
I will be glad to work with you.
Have a nice day.