You are reviewing the codebase of a Java application. During initial reconnaissance, you search for all uses of the Http Servlet Request.getParameter API. The following code catches your eye: private void set Welcome Message (Http Servlet Request request) throws Servlet Exception { String name = request.getParameter(“name”); if (name == null) name = “”; m_ welcome Message = “Welcome “ + name +”!”; } What possible vulnerability might this code indicate? What further code analysis would you need to perform to confi rm whether the application is indeed vulnerable?
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here