Web Application Security
In this course, we will focus on teaching classical and new security vulnerabilities in web applications: for example injection vulnerabilities, XSS, CSRF, and many more. At the end of this class you will test your knowledge by analyzing the codebase of various frequently-used TUM tools, like TUMLive, NavigaTUM, as well as other open source projects. For more details, see https://www.sec.in.tum.de/i20/teaching/ws2026/web-application-security.No FCFS until 11.07.2026 14:00; FCFS afterwards.
Update 09.07. 12:30: There was an unintended solution in the qualification challenge, making it way easier than intended. That bug has been fixed now: the only difference is re.match vs. re.fullmatch in app.py, line 14.
Existing qualifications have been reset. Please solve the challenge again. The FCFS deadline has been extended accordingly. People who solved the old challenge have been notified via mail.
Update 09.07. 13:30: There was another problem in the challenge, which has been fixed now. Please redownload the challenge again.
Registration Form
Valid applications received: 60