Add new A7 - Cross-Site Scripting (XSS) web app (Rails)

[rafaveira3]

Motivation

SecDevLab's goal is to provide examples of how security vulnerabilities could be fixed, but we only have one example of Cross-Site Scripting from OWASP's 2017 Top 10.

It would be great if

We had another app illustrating this vulnerability and how it could be exploited by an attacker.

What we expect

The new app must have a complete README.md with all the steps on how to get the environment ready to run it, how it can be installed, and how an attacker could compromise it.

The app should be similar to the existing web apps, such as this one.

Note: It would be great if this app could be powered by Rails. 🙂

Tips

• OWAST A7:2017 Cross-Site Scripting
• Google Application Security - Cross-Site Scripting
• App Spot - XSS Game

[daviluis321]

thanks, I will create an app for this issue ;)

[Krlier]

thanks, I will create an app for this issue ;)

Hi, @daviluis321!

How's it going?

Can we help you with anything?

[Perkles]

Hey @Krlier and @fguisso I just finished #602.
Could you take a look when you have some time ?

cheers✨