10031 10031 User Controllable HTML Element Attribute (Potential XSS) User Controllable HTML Element Attribute (Potential XSS) 0 1 Informational (Low) Low <p>This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.</p> http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST __fake__search__ User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [td] tag [id] attribute The user input found was: __fake__search__=search The user-controlled value was: searchformheader http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_0 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_0=filtroProtocollo The user-controlled value was: filtroprotocollo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_1 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_1=filtroTipoSA The user-controlled value was: filtrotiposa http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_2 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_2=filtroTipoCredenziali The user-controlled value was: filtrotipocredenziali http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_3 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_3=filtroRuolo The user-controlled value was: filtroruolo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_4 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_4=filtroGruppo The user-controlled value was: filtrogruppo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_5 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_5=filtroApiContesto The user-controlled value was: filtroapicontesto http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_6 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_6=subtDatiProp The user-controlled value was: subtdatiprop http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_7 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_7=filtroPropNome The user-controlled value was: filtropropnome http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_8 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_8=filtroPropValore The user-controlled value was: filtropropvalore http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterValue_3 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [option] tag [value] attribute The user input found was: filterValue_3=ModIRuolo1FonteQualsiasi The user-controlled value was: modiruolo1fontequalsiasi http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterValue_7 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [option] tag [value] attribute The user input found was: filterValue_7=authzContenutiTest The user-controlled value was: authzcontenutitest http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterValue_8 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterValue_8=ZAP The user-controlled value was: zap http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_2,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_2,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_2,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_2,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_2,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_2,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_2,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_2,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_2,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_2,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_2,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_2,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_2,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_2,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_2,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_2,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_2,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_2,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST search User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: search=ZAP The user-controlled value was: zap http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST __fake__search__ User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [td] tag [id] attribute The user input found was: __fake__search__=search The user-controlled value was: searchformheader http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_0 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_0=filtroProtocollo The user-controlled value was: filtroprotocollo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_1 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_1=filtroTipoSA The user-controlled value was: filtrotiposa http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_2 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_2=filtroTipoCredenziali The user-controlled value was: filtrotipocredenziali http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_3 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_3=filtroRuolo The user-controlled value was: filtroruolo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_4 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_4=filtroGruppo The user-controlled value was: filtrogruppo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_5 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_5=filtroApiContesto The user-controlled value was: filtroapicontesto http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_6 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_6=subtDatiProp The user-controlled value was: subtdatiprop http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_7 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_7=filtroPropNome The user-controlled value was: filtropropnome http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_8 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_8=filtroPropValore The user-controlled value was: filtropropvalore http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterValue_3 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [option] tag [value] attribute The user input found was: filterValue_3=ModIRuolo1FonteQualsiasi The user-controlled value was: modiruolo1fontequalsiasi http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterValue_7 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [option] tag [value] attribute The user input found was: filterValue_7=authzContenutiTest The user-controlled value was: authzcontenutitest http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterValue_8 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterValue_8=ZAP The user-controlled value was: zap http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do ()(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST search User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do appears to include user input in: a(n) [input] tag [value] attribute The user input found was: search=ZAP The user-controlled value was: zap http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST __fake__search__ User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [td] tag [id] attribute The user input found was: __fake__search__=search The user-controlled value was: searchformheader http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_0 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_0=filtroProtocollo The user-controlled value was: filtroprotocollo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_1 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_1=filtroTipoSA The user-controlled value was: filtrotiposa http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_10 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_10=subtDatiProp The user-controlled value was: subtdatiprop http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_11 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_11=filtroPropNome The user-controlled value was: filtropropnome http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_12 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_12=filtroPropValore The user-controlled value was: filtropropvalore http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_2 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_2=filtroTipoCredenziali The user-controlled value was: filtrotipocredenziali http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_3 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_3=filtroRuolo The user-controlled value was: filtroruolo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_4 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_4=filtroGruppo The user-controlled value was: filtrogruppo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterName_5 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_5=filtroApiContesto The user-controlled value was: filtroapicontesto http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterValue_11 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [option] tag [value] attribute The user input found was: filterValue_11=authzContenutiTest The user-controlled value was: authzcontenutitest http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterValue_12 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterValue_12=ZAP The user-controlled value was: zap http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterValue_3 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [option] tag [value] attribute The user input found was: filterValue_3=ModIRuolo1FonteQualsiasi The user-controlled value was: modiruolo1fontequalsiasi http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST filterValue_9 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterValue_9=ZAP The user-controlled value was: zap http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,__i_hidden_title_iconUso_0_0,__i_hidden_title_iconUso_0_2,__i_hidden_title_iconUso_10_0,__i_hidden_title_iconUso_10_3,__i_hidden_title_iconUso_11_0,__i_hidden_title_iconUso_11_3,__i_hidden_title_iconUso_12_0,__i_hidden_title_iconUso_12_3,__i_hidden_title_iconUso_13_0,__i_hidden_title_iconUso_13_3,__i_hidden_title_iconUso_14_0,__i_hidden_title_iconUso_14_3,__i_hidden_title_iconUso_15_0,__i_hidden_title_iconUso_15_2,__i_hidden_title_iconUso_16_0,__i_hidden_title_iconUso_16_3,__i_hidden_title_iconUso_17_0,__i_hidden_title_iconUso_17_3,__i_hidden_title_iconUso_18_0,__i_hidden_title_iconUso_18_3,__i_hidden_title_iconUso_19_0,__i_hidden_title_iconUso_19_3,__i_hidden_title_iconUso_1_0,__i_hidden_title_iconUso_1_3,__i_hidden_title_iconUso_2_0,__i_hidden_title_iconUso_2_3,__i_hidden_title_iconUso_3_0,__i_hidden_title_iconUso_3_3,__i_hidden_title_iconUso_4_0,__i_hidden_title_iconUso_4_3,__i_hidden_title_iconUso_5_0,__i_hidden_title_iconUso_5_3,__i_hidden_title_iconUso_6_0,__i_hidden_title_iconUso_6_3,__i_hidden_title_iconUso_7_0,__i_hidden_title_iconUso_7_3,__i_hidden_title_iconUso_8_0,__i_hidden_title_iconUso_8_3,__i_hidden_title_iconUso_9_0,__i_hidden_title_iconUso_9_3,_csrf,be_name_0,chkAll,filterName_0,filterName_1,filterName_10,filterName_11,filterName_12,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterName_9,filterValue_11,filterValue_12,filterValue_3,filterValue_8,filterValue_9,limit,search,selectcheckbox,url_entry_0,url_entry_1,url_entry_10,url_entry_11,url_entry_12,url_entry_13,url_entry_14,url_entry_15,url_entry_16,url_entry_17,url_entry_18,url_entry_19,url_entry_2,url_entry_3,url_entry_4,url_entry_5,url_entry_6,url_entry_7,url_entry_8,url_entry_9) POST search User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: search=ZAP The user-controlled value was: zap http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST __fake__search__ User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [td] tag [id] attribute The user input found was: __fake__search__=search The user-controlled value was: searchformheader http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_0 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_0=filtroProtocollo The user-controlled value was: filtroprotocollo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_1 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_1=filtroTipoSA The user-controlled value was: filtrotiposa http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_2 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_2=filtroTipoCredenziali The user-controlled value was: filtrotipocredenziali http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_3 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_3=filtroRuolo The user-controlled value was: filtroruolo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_4 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_4=filtroGruppo The user-controlled value was: filtrogruppo http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_5 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_5=filtroApiContesto The user-controlled value was: filtroapicontesto http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_6 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_6=subtDatiProp The user-controlled value was: subtdatiprop http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_7 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_7=filtroPropNome The user-controlled value was: filtropropnome http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterName_8 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterName_8=filtroPropValore The user-controlled value was: filtropropvalore http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterValue_3 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [option] tag [value] attribute The user input found was: filterValue_3=ModIRuolo1FonteQualsiasi The user-controlled value was: modiruolo1fontequalsiasi http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterValue_7 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [option] tag [value] attribute The user input found was: filterValue_7=authzContenutiTest The user-controlled value was: authzcontenutitest http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST filterValue_8 User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: filterValue_8=ZAP The user-controlled value was: zap http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do (__prevTabKey__,resetSearch)(__fake__search__,_csrf,filterName_0,filterName_1,filterName_2,filterName_3,filterName_4,filterName_5,filterName_6,filterName_7,filterName_8,filterValue_3,filterValue_7,filterValue_8,search) POST search User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do?__prevTabKey__=8fea4ae0-e038-4206-bbb8-d5a8d232f54b&resetSearch=yes appears to include user input in: a(n) [input] tag [value] attribute The user input found was: search=ZAP The user-controlled value was: zap 57 false <p>Validate all input and sanitize output it before writing to any HTML attributes.</p> <p>User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:</p><p></p><p>http://127.0.0.1:8080/govwayConsole/serviziApplicativiList.do</p><p></p><p>appears to include user input in:</p><p>a(n) [td] tag [id] attribute</p><p></p><p>The user input found was:</p><p>__fake__search__=search</p><p></p><p>The user-controlled value was:</p><p>searchformheader</p> <p>https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html</p> 20 20 1271 Info Informational insight.network.failure Percentage of network failures 1 Info Informational http://127.0.0.1:8080 insight.code.2xx Percentage of responses with status code 2xx 66 Info Informational http://127.0.0.1:8080 insight.code.3xx Percentage of responses with status code 3xx 12 Info Informational http://127.0.0.1:8080 insight.code.4xx Percentage of responses with status code 4xx 18 Info Informational http://127.0.0.1:8080 insight.code.5xx Percentage of responses with status code 5xx 1 Info Informational http://127.0.0.1:8080 insight.endpoint.ctype.image/gif Percentage of endpoints with content type image/gif 1 Info Informational http://127.0.0.1:8080 insight.endpoint.ctype.image/png Percentage of endpoints with content type image/png 3 Info Informational http://127.0.0.1:8080 insight.endpoint.ctype.image/x-icon Percentage of endpoints with content type image/x-icon 1 Info Informational http://127.0.0.1:8080 insight.endpoint.ctype.text/css Percentage of endpoints with content type text/css 6 Info Informational http://127.0.0.1:8080 insight.endpoint.ctype.text/html Percentage of endpoints with content type text/html 73 Info Informational http://127.0.0.1:8080 insight.endpoint.ctype.text/javascript Percentage of endpoints with content type text/javascript 6 Info Informational http://127.0.0.1:8080 insight.endpoint.ctype.text/plain Percentage of endpoints with content type text/plain 1 Info Informational http://127.0.0.1:8080 insight.endpoint.method.GET Percentage of endpoints with method GET 64 Info Informational http://127.0.0.1:8080 insight.endpoint.method.POST Percentage of endpoints with method POST 35 Info Informational http://127.0.0.1:8080 insight.endpoint.total Count of total endpoints 203 Info Informational http://127.0.0.1:8080 insight.response.slow Percentage of slow responses 25