I have created vulnerable web application using Front end react and backend spring boot. This test application web application is called PinewoodStore.
Some of the vulnerabilities that have been introduced to the site include
Cross Site Scripting(XSS)
Server Side Request Forgery(SSRF)
Directory Traversal
External XML Entity Injection (XXE)
Server side json injection
Remote code Execution(RCE)
SQL injection
To name the few.
The first part of the Demo would be to Demo on how attackers exploit cross site scripting vulnerability to steal a session cookie and log into victims account.
