Security

Defending Against Web Vulnerabilities and Cross-Site Scripting

Date Added: May 2012
Format: PDF

Researchers have devised multiple solutions to cross-site scripting, but vulnerabilities persists in many Web applications due to developer's lack of expertise in the problem identification and their unfamiliarity with the current mechanisms. As proclaimed by the experts, cross-site scripting is among the serious and widespread threats in Web applications these days more than buffer overflows. Recent study shows XSS has ranked first in the MITRE Common Weakness Enumeration (CWE)/SANS Institute list of Top 25 Most Dangerous Software Errors and second in the Open Web Application Security Project (OWASP). However, vulnerabilities continue to exist in many Web applications due to developers' lack of understanding of the problem and their unfamiliarity with current guarding strengths and limitations.