CLAP-372 Chore: 다중 파라미터 xss 공격 테스트 api 구현

<footer>
- 관련: #475

Author: joowojr

src/main/java/clap/server/adapter/inbound/web/XssTestController.java

@@ -15,7 +15,7 @@ public class XssTestController {
 
     @GetMapping
     @DevelopOnlyApi
-    @Operation(summary = "파라미터 xss test")
+    @Operation(summary = "단일 파라미터 xss test")
     public ResponseEntity<String> testGetXss(@RequestParam String input) {
         log.info("Received GET input: {}", input);
         return ResponseEntity.ok("Processed GET input: " + input);
@@ -28,4 +28,20 @@ public ResponseEntity<XssTestResponse> testPostXss(@RequestBody XssTestRequest r
         log.info("Received POST input: {}", request);
         return ResponseEntity.ok(new XssTestResponse(request.content()));
     }
+
+    @GetMapping("/multi-params")
+    @Operation(summary = "다중 파라미터 XSS 테스트")
+    public ResponseEntity<String> testMultiParamXss(@RequestParam(value = "inputs", required = false) String[] inputs) {
+        if (inputs == null || inputs.length == 0) {
+            return ResponseEntity.badRequest().body("No inputs provided");
+        }
+
+        StringBuilder response = new StringBuilder("Processed inputs:\n");
+        for (int i = 0; i < inputs.length; i++) {
+            log.info("Received input {}: {}", i, inputs[i]);
+            response.append("Input ").append(i).append(": ").append(inputs[i]).append("\n");
+        }
+
+        return ResponseEntity.ok(response.toString());
+    }
 }