Web Security

Demonstrate a web security vulnerability (such as cross-site scripting, cross-site request forgery, SQL injection, or others) in a web application that you control and are authorized to modify and administer. In general, this means it should be a web application that you've installed on one of your own boxes for this experience. You can either use a known-vulnerable application (e.g., a web application that is designed to teach web security), you can modify an application to be vulnerable (e.g., write or modify a simple web app so that it has a vulnerability), or you can try to find one in an existing application. Once you have demonstrated the vulnerability, show how it can be fixed.