Cross-Site-Scripting Proof of Concept
Script
<?php
if(isset($_GET['submit'])){
$msg = $_GET['msg'];
}
?>
<!DOCTYPE html>
<html>
<body>
<h2>Authentifizierung</h2>
<form method="get">
<label for="fname">Input</label><br>
<input type="text" name="msg"><br>
<input type="submit" name="submit" value="klick">
</form>
<br>
<?php
echo "Hello $msg";
?>
</table>
</body>
</html>