PDF] Figure 1: Architecture of XSS attack Injection of code into

This work aims at developing a solution in web applications undergo rigorous testing by being a target to the engine and consequently finding flaws embedded within them. 549 Published By: Blue Eyes Intelligence Engineering & Sciences Publication Retrieval Number: F2318037619/19©BEIESP  Abstract: Web applications actively replace native applications due to their flexible nature. They can be easily deployed and scaled, which require constant interaction with the user machine for software updates. Widespread use of cloud computing [10] has resulted in favoring web applications for easy deployment and scalability. Today the movement of software applications to the web has resulted to web application vulnerabilities [1]. Instead of targeting multiple operating systems or platforms, attackers can focus on exploiting web applications for compromising sensitive information. Web browsers act as the interface between the user and the web and are crucial for user security. The client-side attacks can result in the compromise of credentials and identity theft. In this paper, totally three models are developed namely Injection of code into un-sanitized parameters, Browser exploitation techniques and Manipulation of application registries which serve as the basis for exploiting and subsequently preventing cross-site scripting vulnerabilities [3]. By using these models as a foundation, the attacks are minimized in a large scale. In this work the results shows that, for the random sample of attack vectors 4, 2, 9, the vulnerability score is 0, which is considered to be minimum and forth random sample of attack vectors 2, 5, 7 the vulnerability score is 89.12 which is considered to be maximum. This work aims at developing a solution in web applications undergo rigorous testing by being a target to the engine and consequently finding flaws embedded within them.

XSS.pdf

Detecting web attacks with end-to-end deep learning, Journal of Internet Services and Applications

PDF) XSSDS: server-side detection of cross-site scripting attacks

Future Internet, Free Full-Text

4 IFrame Security Concerns You Should Know, by Piumi Liyana Gunawardhana

Cost-effective detection system of cross-site scripting attacks using hybrid learning approach - ScienceDirect

Cross-Site Scripting Attacks and Defensive Techniques: A Comprehensive Survey*

SEBASTiAn: A static and extensible black-box application security testing tool for iOS and Android applications - SoftwareX

Cross-Site Scripting Attacks and Defensive Techniques: A Comprehensive Survey*

Remote MS Office template injection, by Tho Le

Guest Post: Cross Site Scripting with ChEF - A Beginners Guide Security, Insights, and Results for your Drupal or WordPress Website

SQL Injection attack using the XSS

Full article: Case Study: Extenuation of XSS Attacks through Various Detecting and Defending Techniques

Fatal injection: a survey of modern code injection attack countermeasures [PeerJ]

Cross-site Scripting (XSS) Attack: All You Need to Know - Astra Security Blog