Current state of research on cross-site scripting (XSS) – a systematic literature review

Context: Cross-site scripting (XSS) is a security vulnerability that affects web applications. It occurs due to improper or lack of sanitization of user inputs. The security vulnerability caused many problems for users and server applications. Objective: To conduct a systematic literature review on the studies done on XSS vulnerabilities and attacks. Method: We followed the standard guidelines for systematic literature review as documented by Barbara Kitchenham and reviewed a total of 115 studies related to cross-site scripting from various journals and conference proceedings. Results: Research on XSS is still very active with publications across many conference proceedings and journals. Attack prevention and vulnerability detection are the areas focused on by most of the studies. Dynamic analysis techniques form the majority among the solutions proposed by the various studies. The type of XSS addressed the most is reflected XSS. Conclusion: XSS still remains a big problem for web applications, despite the bulk of solutions provided so far. There is no single solution that can effectively mitigate XSS attacks. More research is needed in the area of vulnerability removal from the source code of the applications before deployment

How to design browser security and privacy alerts

Browser security and privacy alerts must be designed to ensure they are of value to the end-user, and communicate risks efficiently. We performed a systematic literature review, producing a list of guidelines from the research. Papers were analysed quantitatively and qualitatively to formulate a comprehensive set of guidelines. Our findings seek to provide developers and designers with guidance as to how to construct security and privacy alerts. We conclude by providing an alert template, highlighting its adherence to the derived guidelines

ImageSubXSS: an image substitute technique to prevent Cross-Site Scripting attacks

Cross-Site Scripting (XSS) is one of serious web application attack. Web applications are involved in every activity of human life. JavaScript plays a major role in these web applications. In XSS attacks hacker inject malicious JavaScript into a trusted web application, execution of that malicious script may steal sensitive information from the user. Previous solutions to prevent XSS attacks require a lot of effort to integrate into existing web applications, some solutions works at client-side and some solutions works based on filter list which needs to be updated regularly. In this paper, we propose an Image Substitute technique (ImageSubXSS) to prevent Cross-Site Scripting attacks which works at the server-side. The proposed solution is implemented and evaluated on a number of XSS attacks. With a single line, developers can integrate ImageSubXSS into their applications and the proposed solution is able to prevent XSS attacks effectively

Analisis Kerentanan XSS dan Rate Limiting Pada Website SMAN 8 Denpasar Menggunakan Framework OWASP ZAP

Pada era digital sekarang hampir semua orang mengakses internet, Website merupakan salah satu situs yang ada di internet yang dapat menyimpan dan menyebarkan segala informasi. Seiring dengan perkembangan teknologi, keamanan suatu website mulai terancam karena maraknya serangan-serangan yang dilakukan oleh penjahat digital. Website yang memiliki sistem keamanan yang lemah akan rentan oleh serangan ancaman yang dapat terjadi sewaktu-waktu. Kasus kerentanan yang sering ditemui yakni Cross Site Scripting (XSS) dan Rate Limiting. Untuk mengantisipasi hal tersebut, aplikasi OWASP ZAP dapat dimanfaatkan untuk menguji kerentanan XSS yang ada pada sebuah website, salah satunya pada website sekolah SMA Negeri 8 Denpasar. Pengujian kerentanan XSS dilakukan dengan cara melakukan pemindaian, kemudian generate report. Melalui report tersebut, dilakukan analisis untuk membuktikan ada atau tidaknya kerentanan XSS pada website yang bersangkutan. Sedangkan, kerentanan Rate Limiting diuji secara manual pada fitur login website SMA Negeri 8 Denpasar, dengan cara memasukkan username dan password secara acak dan berulang-ulang. Kata Kunci—OWASP ZAP, Rate Limiting, XSS, Kerentana

A Bug Bounty Perspective on the Disclosure of Web Vulnerabilities

Bug bounties have become increasingly popular in recent years. This paper discusses bug bounties by framing these theoretically against so-called platform economy. Empirically the interest is on the disclosure of web vulnerabilities through the Open Bug Bounty (OBB) platform between 2015 and late 2017. According to the empirical results based on a dataset covering nearly 160 thousand web vulnerabilities, (i) OBB has been successful as a community-based platform for the dissemination of web vulnerabilities. The platform has also attracted many productive hackers, (ii) but there exists a large productivity gap, which likely relates to (iii) a knowledge gap and the use of automated tools for web vulnerability discovery. While the platform (iv) has been exceptionally fast to evaluate new vulnerability submissions, (v) the patching times of the web vulnerabilities disseminated have been long. With these empirical results and the accompanying theoretical discussion, the paper contributes to the small but rapidly growing amount of research on bug bounties. In addition, the paper makes a practical contribution by discussing the business models behind bug bounties from the viewpoints of platforms, ecosystems, and vulnerability markets.Comment: 17th Annual Workshop on the Economics of Information Security, Innsbruck, https://weis2018.econinfosec.org

Enhancing web application security through automated penetration testing with multiple vulnerability scanners.

Penetration testers have increasingly adopted multiple penetration testing scanners to ensure the robustness of web applications. However, a notable limitation of many scanning techniques is their susceptibility to producing false positives. This paper presents a novel framework designed to automate the operation of multiple Web Application Vulnerability Scanners (WAVS) within a single platform. The framework generates a combined vulnerabilities report using two algorithms: an automation algorithm and a novel combination algorithm that produces comprehensive lists of detected vulnerabilities. The framework leverages the capabilities of two web vulnerability scanners, Arachni and OWASP ZAP. The study begins with an extensive review of the existing scientific literature, focusing on open-source WAVS and exploring the OWASP 2021 guidelines. Following this, the framework development phase addresses the challenge of varying results obtained from different WAVS. This framework’s core objective is to combine the results of multiple WAVS into a consolidated vulnerability report, ultimately improving detection rates and overall security. The study demonstrates that the combined outcomes produced by the proposed framework exhibit greater accuracy compared to individual scanning results obtained from Arachni and OWASP ZAP. In summary, the study reveals that the Union List outperforms individual scanners, particularly regarding recall and F-measure. Consequently, adopting multiple vulnerability scanners is recommended as an effective strategy to bolster vulnerability detection in web applications

Developing an in house vulnerability scanner for detecting Template Injection, XSS, and DOM-XSS vulnerabilities

Web applications are becoming an essential part of today's digital world. However, with the increase in the usage of web applications, security threats have also become more prevalent. Cyber attackers can exploit vulnerabilities in web applications to steal sensitive information or take control of the system. To prevent these attacks, web application security must be given due consideration. Existing vulnerability scanners fail to detect Template Injection, XSS, and DOM-XSS vulnerabilities effectively. To bridge this gap in web application security, a customized in-house scanner is needed to quickly and accurately identify these vulnerabilities, enhancing manual security assessments of web applications. This thesis focused on developing a modular and extensible vulnerability scanner to detect Template Injection, XSS, and DOM-based XSS vulnerabilities in web applications. Testing the scanner against other free and open-source solutions on the market showed that it outperformed them on Template injection vulnerabilities and nearly all on XSS-type vulnerabilities. While the scanner has limitations, focusing on specific injection vulnerabilities can result in better performance