docker-vulnerable-dvwa/dvwa/vulnerabilities/xss_r/source/medium.php

<?php

header ("X-XSS-Protection: 0");

// Is there any input?
if( array_key_exists( "name", $_GET ) && $_GET[ 'name' ] != NULL ) {
	// Get input
	$name = str_replace( '<script>', '', $_GET[ 'name' ] );

	// Feedback for end user
	$html .= "<pre>Hello ${name}</pre>";
}

?>
first commit 2016-12-02 19:19:11 +00:00			`<?php`

dvwa updated 2018-10-12 15:49:58 +00:00			`header ("X-XSS-Protection: 0");`

first commit 2016-12-02 19:19:11 +00:00			`// Is there any input?`
			`if( array_key_exists( "name", $_GET ) && $_GET[ 'name' ] != NULL ) {`
			`// Get input`
			`$name = str_replace( '<script>', '', $_GET[ 'name' ] );`

			`// Feedback for end user`
			`$html .= "<pre>Hello ${name}</pre>";`
			`}`

			`?>`