An Approach for the Automated Detection of XSS Vulnerabilities in Web Templates

Stigler, Sebastian; Karzhaubekova, Gulshat; Karg, Christoph

doi:10.30958/ajs.5-3-4

Cited by 3 publications

(3 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Each security gap leads to expensive consequences and if it takes a long time to less trust in new technologies. To avoid this risk, the templates from the Preprocessing App were tested with the methods of Stigler et al (2018) to detect cross site scripting vulnerabilities in websites. All implemented templates are now guarded against cross site scripting attacks.…”

Section: The Preprocessing Appmentioning

confidence: 99%

See 1 more Smart Citation

Untitled

2020

AJS

View full text Add to dashboard Cite

Mission ATINER is an Athens-based World Association of Academics and Researchers based in Athens. ATINER is an independent and non-profit Association with a Mission to become a forum where Academics and Researchers from all over the world can meet in Athens, exchange ideas on their research and discuss future developments in their disciplines, as well as engage with professionals from other fields. Athens was chosen because of its long history of academic gatherings, which go back thousands of years to Plato's Academy and Aristotle's Lyceum. Both these historic places are within walking distance from ATINER"s downtown offices. Since antiquity, Athens was an open city. In the words of Pericles, Athens"…is open to the world, we never expel a foreigner from learning or seeing". ("Pericles" Funeral Oration", in Thucydides, The History of the Peloponnesian War). It is ATINER"s mission to revive the glory of Ancient Athens by inviting the World Academic Community to the city, to learn from each other in an environment of freedom and respect for other people"s opinions and beliefs. After all, the free expression of one"s opinion formed the basis for the development of democracy, and Athens was its cradle. As it turned out, the Golden Age of Athens was in fact, the Golden Age of the Western Civilization. Education and (Re)searching for the "truth" are the pillars of any free (democratic) society. This is the reason why

show abstract

Section: The Preprocessing Appmentioning

confidence: 99%

“…Figure 6 shows the web template to create new projects over the admin panel from the web application. All input fields are checked for cross site scripting vulnerabilities with the tests from Stigler et al (2018). The report shows that the Preprocessing App is protected against the most common security flaws.…”

Section: The Preprocessing Appmentioning

confidence: 99%

Untitled

2020

AJS

View full text Add to dashboard Cite

show abstract

“…They achieved 95% accuracy and 0.99% false-positive rate with their tool called CrawlerXSS.Jia-dong Liu and Yu-yi Ou[17] studied security software and analyzed web filtering rules. By using this analysis, proposed a method to detect XSS attacks based on vectors.Stigler, Karzhaubekova and Karg[18] proposed a method to detect XSS vulnerabilities in Web templates automatically. They parsed every template into internal representation (IR) and performed an XSS test on these IR, and generated unit tests based on parts of IR.…”

mentioning

confidence: 99%

Cross-site Scripting Research: A Review

Nagarjun¹,

Shakeel²

2020

IJACSA

View full text Add to dashboard Cite

Cross-site scripting is one of the severe problems in Web Applications. With more connected devices which uses different Web Applications for every job, the risk of XSS attacks is increasing. In Web applications, hacker steals victims session details or other important information by exploiting XSS vulnerabilities. We studied 412 research papers on cross-site scripting, which are published in between 2002 to 2019. Most of the existing XSS prevention methods are Dynamic analysis, Static analysis, Proxy based method, Filter based method etc. We categorized existing methods and discussed solutions presented on papers and discussed impact of XSS attacks, different defensive methods and research trends in XSS attacks.

show abstract

A Practical Approach of Different Programming Techniques to Implement a Real-time Application using Django

Stigler¹,

Burdack²

2020

AJS

View full text Add to dashboard Cite

An Approach for the Automated Detection of XSS Vulnerabilities in Web Templates

Cited by 3 publications

References 8 publications

Untitled

Untitled

Cross-site Scripting Research: A Review

A Practical Approach of Different Programming Techniques to Implement a Real-time Application using Django

Contact Info

Product

Resources

About