The zip file contains a JSP Web app that has been purposely built to be vulnerable. The app is similar in structure to the Java Vulnerable Lab. You can install the app through Netbeans.
Your objective is to go through each task and try to fix the vulnerability. These tasks are very similar to the ones covered in the labs.