Context: Cross-site scripting (XSS) is a security vulnerability that affects web applications. It occurs due to improper or missing sanitization of user inputs. The security vulnerability caused many problems for users and server applications. Objective: To conduct a systematic literature review on the studies done on XSS vulnerabilities and attacks. Method: We followed the standard guidelines for systematic literature review as documented by Barbara Kitchenham and reviewed a total of 115 studies related to cross-site scripting from various journals and conference proceedings. Results: Research on XSS is still very active with publications across many conference proceedings and journals. Attack prevention and vulnerability detection are the areas focused on by most of the studies. Dynamic analysis techniques form the majority among the solutions proposed by the various studies. The type of XSS addressed the most is reflected XSS. Conclusion: XSS still remains a big problem for web applications, despite the bulk of solutions provided so far. There is no single solution that can effectively mitigate XSS attacks. More research is needed in the area of vulnerability removal from the source code of the applications before deployment.
Agile SD methods were introduced less than a decade ago and have steadily gained popularity. The values defined in these methods and their outcomes have motivated many software producers to use them. Since migration from traditional software development methods to agile methods is growing rapidly, company managers should be aware of the problems, hindrances and challenges they may face during the agile transformation process. This study focused on the challenges that companies may face and that managers need to think about solving. Recent studies show challenges in four main categories: organization and management, people, process, and tools.
Agile software development, by offering new values, motivates software companies to use Agile methods instead of traditional methods. However, reviewing the literature shows that leaving traditional methods and moving to Agile methods is subject to many serious challenges. We have conducted a large-scale research study to empirically discover various aspects of Agile transformation. Our Grounded Theory study showed the general outline of Agile transformation. The main aim of this paper is to figure out the most important concepts that need to be considered when moving to Agile. This study showed that Agile transformation comprises many concepts, activities, and steps including transformation prerequisites, facilitators, framework, assessment, coaching, and so on. Companies need to be familiar with these concepts before starting the transition to Agile.
Software architecture (SA) has a prominent role in all stages of system development. Given the persistent evolution of software systems over time, SA tends to be eroded or degraded. This phenomenon is called architectural degradation. In light of this phenomenon, the current study focuses on problems of architectural erosion in open-source software (OSS). There has been significant research activity on OSS over the last decade. Nonetheless, the architectural degradation problems in OSS are still scattered and disorganized. In addition, no systematic attempt has been made on existing studies to provide evidence, insight and better understanding for researchers and practitioners. The main objective of the present study is to provide a profound understanding and to review the existing studies on the architectural erosion of OSS. In this study, we conduct a systematic literature review (SLR) to gather, organize, classify, and analyze the architectural degradation of previous papers published until the year 2020. The data for this study were collected from eight major online databases (ACM, Springer, ScienceDirect, Taylor, IEEE Explorer, Scopus, Web of Science, and Wiley). A total of 74 primary studies were identified as the final samples of this research. The results indicated that rapid software evolution, frequent changes, and the lack of developers' awareness are the most common causes of architecture degradation. Meanwhile, the prominent key indicators of architectural erosion symptoms are code smells and architectural smells. Additionally, the results indicated that the most commonly used of the proposed solutions for addressing architectural erosion is the metrics-based strategy.
Acknowledging the limitations of the current study, more studies are needed that focus on determining other causes that are still ambiguous and improving the other solutions to provide better results in the precision and effectiveness of addressing architectural erosion.
The use of Agile methodologies in software development has grown steadily over recent years. One of the main emphases of these methods is employing cross-functional and self-organized teams and highly skilled developers in software projects. In such a condition, project management would be a serious concern. Indeed, it would be confusing whether Agile teams are really in need of the role of the project manager. While Agile methodologies do not explicitly define the role of the project manager, many reports mention the existence of this role in Agile projects in real environments. So, it seems that the existence of this role is debated. Conducting a Systematic Literature Review, this study tried to find out answers to the ambiguities and questions regarding the role of Agile project management, the role of the project manager, and related issues. Focusing on the primary studies, the results show that there is no independent job called project manager in Agile methodologies. However, there is a need for it. Moreover, in the absence of this role in Agile methodologies and the need for it, it seems that this role would be structurally different from the traditional role of the project manager in terms of responsibilities and duties. Finally, the results show that pre-defined roles in Agile methodologies are often responsible for the project manager duties in software teams with no project manager.