lang:

PHP

regex:

\.\=.*?\s*\$_((POST|GET)\[.*?\]|SERVER\[.?(REQUEST_URI|QUERY_STRING))

description:

User controlled input appended to string. Potential injection attack (i.e. xss)
tags:
xss cross-site scripting cwe-79
results