Add new A7 - Cross-Site Scripting (XSS) web app (Rails)

<a href="https://opensource.globo.com/hacktoberfest/"><img align="right" src="https://user-images.githubusercontent.com/8943477/94613618-36e2d380-027b-11eb-8566-f8aa35ac792d.png" width="300"/></a>

## Motivation

SecDevLab's goal is to provide examples of how security vulnerabilities could be fixed, but we only have one example of `Cross-Site Scripting` from [OWASP's 2017 Top 10](https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A7-Cross-Site_Scripting_(XSS)).

## It would be great if

We had another app illustrating this vulnerability and how it could be exploited by an attacker.

## What we expect

The new app must have a complete `README.md` with all the steps on how to get the environment ready to run it, how it can be installed, and how an attacker could compromise it.

The app should be similar to the existing web apps, such as [this one](https://github.com/globocom/secDevLabs/tree/master/owasp-top10-2017-apps/a7/gossip-world).

Note: It would be great if this app could be powered by Rails. 🙂 

## Tips

* [OWAST A7:2017 Cross-Site Scripting](https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A7-Cross-Site_Scripting_(XSS))
* [Google Application Security - Cross-Site Scripting](https://www.google.com/about/appsecurity/learning/xss/)
* [App Spot - XSS Game](https://xss-game.appspot.com/)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add new A7 - Cross-Site Scripting (XSS) web app (Rails) #438

Motivation

It would be great if

What we expect

Tips

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add new A7 - Cross-Site Scripting (XSS) web app (Rails) #438

Description

Motivation

It would be great if

What we expect

Tips

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions