Identifying Cross Site Scripting Vulnerabilities in Web Applications

Authors:
G. A. Di Lucca;A. R. Fasolino;M. Mastoianni;P. Tramontana
Affiliations:
University of Sannio, Italy;Università di Napoli Federico II, Italy;Seconda Università di Napoli, Italy;Università di Napoli Federico II, Italy
Venue:
WSE '04 Proceedings of the Web Site Evolution, Sixth IEEE International Workshop
Year:
2004

Citing 0
Cited 9

JavaScript instrumentation for browser security

Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Better abstractions for secure server-side scripting

Proceedings of the 17th international conference on World Wide Web
PrintMonkey: giving users a grip on printing the web

Proceedings of the eighth ACM symposium on Document engineering
Using static analysis for Ajax intrusion detection

Proceedings of the 18th international conference on World wide web
MUTEC: Mutation-based testing of Cross Site Scripting

IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
SWAP: Mitigating XSS attacks using a reverse proxy

IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
Constructing a "Common cross site scripting vulnerabilities enumeration (CXE)" using CWE and CVE

ICISS'07 Proceedings of the 3rd international conference on Information systems security
VEX: vetting browser extensions for security vulnerabilities

USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Mitigating program security vulnerabilities: Approaches and challenges

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

The following paper describes the requirements and contraints of testing a web application system for the Austrian Chamber of Commerce. It seperates the testing task into two parts - one for testing the web architecture and one for testing the internet ...