Skip to content
2000
  1. Home
  2. A-Z Publications
  3. Recent Patents on Engineering
  4. Volume 19, Issue 6
  5. Article
Volume 19, Issue 6
  • ISSN: 1872-2121
  • E-ISSN: 2212-4047

Abstract

Web apps hold important information, such as login tokens and individual data, and cybercriminals repeatedly target attackers. Cross-site scripting is one of the most frequent vulnerabilities in web apps. Several techniques and patents are used to mitigate these vulnerabilities. Several 100 articles from a review of research papers published between 2005 and 2023 were considered. This paper reviewed different techniques and tools to detect cross-site scripting attacks, and it will be helpful to understand, analyze, and develop a strategy to deal with them. This paper focuses on different methods and tools for identifying cross-site scripting (XSS) attacks. Also, it depicts the strengths and shortcomings of the existing proposed method. Additionally, it will help to understand existing open issues or challenges faced by previous researchers.

© 2025 Bentham Science Publishers
Loading

Article metrics loading...

/content/journals/eng/10.2174/0118722121293163240212030405
2024-02-21
2025-07-05

  • From This Site

    /content/journals/eng/10.2174/0118722121293163240212030405
    dcterms_title,dcterms_subject,pub_keyword
    -contentType:Contributor -contentType:Concept -contentType:Institution
    10
    5
Loading full text...

Full text loading...

References

  1. RaghunathK. K. KumarV. V. VenkatesanM. SinghK. K. MaheshT. SinghA. XGBoost regression classifier (XRC) model for cyber attack detection and classification using inception V4.J. Web Eng.202221041295132210.13052/jwe1540‑9589.21413
     [Google Scholar]
  2. SharmaS. GuptaN. BundelaD.B. A GWO-XG Boost machine learning classifier for detecting malware executables.2023 International Conference on Disruptive Technologies (ICDT), 2023pp. 247-251 Greater Noida, India.
     [Google Scholar]
  3. SharmaS. YadavN.S. Ensemble-based machine learning techniques for attack detection.2021 9th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO), 2021 03-04 September 2021, Noida, India.10.1109/ICRITO51393.2021.9596152
     [Google Scholar]
  4. WuQ. XiaS. FanQ. LiZ. Performance analysis of IEEE 802.11 p for continuous backoff freezing in IoV.Electronics2019812140410.3390/electronics8121404
     [Google Scholar]
  5. WuQ. WangX. FanQ. FanP. ZhangC. LiZ. High stable and accurate vehicle selection scheme based on federated edge learning in vehicular networks.China Commun.202320311710.23919/JCC.2023.03.001
     [Google Scholar]
  6. ZhouN.R. ZhangT.F. XieX.W. WuJ.Y. Hybrid quantum–classical generative adversarial networks for image generation via learning discrete distribution.Signal Process. Image Commun.202311011689110.1016/j.image.2022.116891
     [Google Scholar]
  7. GuptaB. AgrawalD.P. YamaguchiS. Handbook of research on modern cryptographic solutions for computer and cyber security.IGI global201610.4018/978‑1‑5225‑0105‑3
     [Google Scholar]
  8. Di LuccaG.A. FasolinoA.R. Testing Web-based applications: The state of the art and future trends.Inf. Softw. Technol.200648121172118610.1016/j.infsof.2006.06.006
     [Google Scholar]
  9. A method to detect and analysis the web-based vulnerability.India Patent
     [Google Scholar]
  10. GrossmanJ. FogieS. HansenR. RagerA. PetkovP.D. XSS attacks: cross site scripting exploits and defense.Syngress2007
     [Google Scholar]
  11. HydaraI. SultanA.B.M. ZulzalilH. AdmodisastroN. Current state of research on cross-site scripting (XSS) – A systematic literature review.Inf. Softw. Technol.20155817018610.1016/j.infsof.2014.07.010
     [Google Scholar]
  12. StolfoY.S.D.K.J. Detecting network anomalies by probabilistic modeling of argument strings with markov chains.US Patent 9253201B2
     [Google Scholar]
  13. Detection of abnormal behavior using probabilistic distribution estimation.US Patent 7561991B2
     [Google Scholar]
  14. MaytalB. Multi-dimensional visualization of cyber threats serving as a base for operator guidance.WO Patent 2020176066A1
     [Google Scholar]
  15. YusofI. PathanA-S.K. Preventing persistent Cross-Site Scripting (XSS) attack by applying pattern filtering approach.The 5th International Conference on Information and Communication Technology for The Muslim World (ICT4M), 2014 17-18 November 2014, Kuching, Malaysia.10.1109/ICT4M.2014.7020628
     [Google Scholar]
  16. WichersD. WilliamsJ. Owasp top-10 2017.OWASP Foundation201734
     [Google Scholar]
  17. AyeniB.K. SahaluJ.B. AdeyanjuK.R. Detecting cross-site scripting in web applications using fuzzy inference system.J. Comput. Netw. Commun.2018201810.1155/2018/8159548
     [Google Scholar]
  18. MI. KaurM. RajM. RS. LeeH.N. Cross channel scripting and code injection attacks on web and cloud-based applications: A comprehensive review.Sensors2022225195910.3390/s2205195935271112
     [Google Scholar]
  19. KirdaE. JovanovicN. KruegelC. VignaG. Client-side cross-site scripting protection.Comput Secur.20092859260410.1016/j.cose.2009.04.008
     [Google Scholar]
  20. SharmaS. YadavN.S. A grey wolf optimized xgboost-multilayer stacking approach to detect XSS attacks.J. Inst. Electron. Telecommun. Eng.202311610.1080/03772063.2023.2264251
     [Google Scholar]
  21. SharmaS. YadavN.S. A multilayer stacking classifier based on nature-inspired optimization for detecting cross-site scripting attack.IJMIT20231584283429010.1007/s41870‑023‑01459‑5
     [Google Scholar]
  22. RodríguezG.E. TorresJ.G. FloresP. BenavidesD.E. Cross-site scripting (XSS) attacks and mitigation: A survey.Comput. Netw.202016610696010.1016/j.comnet.2019.106960
     [Google Scholar]
  23. LiX. XueY. A survey on server-side approaches to securing web applications.ACM Comput. Surv.201446412910.1145/2541315
     [Google Scholar]
  24. AladeI.O. ZhangY. XuX. Modeling and prediction of lattice parameters of binary spinel compounds (AM 2 X 4 ) using support vector regression with Bayesian optimization.New J. Chem.20214534152551526610.1039/D1NJ01523K
     [Google Scholar]
  25. ZhangY. XuX. Solubility predictions through LSBoost for supercritical carbon dioxide in ionic liquids.New J. Chem.20204447205442056710.1039/D0NJ03868G
     [Google Scholar]
  26. XuX. ZhangY. Corn cash price forecasting with neural networks.Comput. Electron. Agric.202118410612010.1016/j.compag.2021.106120
     [Google Scholar]
  27. XuX. ZhangY. Thermal coal price forecasting via the neural network.ISWA20221420008410.1016/j.iswa.2022.200084
     [Google Scholar]
  28. XuX. ZhangY. Commodity price forecasting via neural networks for coffee, corn, cotton, oats, soybeans, soybean oil, sugar, and wheat.Int. J. Intell. Syst. Account. Finance Manage.202229316918110.1002/isaf.1519
     [Google Scholar]
  29. GongL.H. PeiJ.J. ZhangT.F. ZhouN.R. Quantum convolutional neural network based on variational quantum circuits.Opt. Commun.202455012999310.1016/j.optcom.2023.129993
     [Google Scholar]
  30. JohariR. SharmaP. A survey on web application vulnerabilities (SQLIA, XSS) exploitation and security engine for SQL injection.2012 International Conference on Communication Systems and Network Technologies, 2012 11-13 May 2012, Rajkot, Gujarat, India.10.1109/CSNT.2012.104
     [Google Scholar]
  31. ScholteT. BalzarottiD. KirdaE. Have things changed now? An empirical study on input validation vulnerabilities in web applications.Comput. Secur.201231334435610.1016/j.cose.2011.12.013
     [Google Scholar]
  32. BiswasA. MajumderD. Genetic algorithm based hybrid fuzzy system for assessing morningness.Adv. Fuzzy Syst.201420141910.1155/2014/732831
     [Google Scholar]
  33. FelmetsgerV. CavedonL. KruegelC. VignaG. Toward automated detection of logic vulnerabilities in web applications.USENIX Security Symposium2010
     [Google Scholar]
  34. GuptaB.B. ChaudharyP. Cross-site scripting attacks: classification, attack, and countermeasures.CRC Press202010.1201/9780429351327
     [Google Scholar]
  35. LiuK.-L. Network information security inspection system.Taiwan Patent
     [Google Scholar]
  36. StuttardD. PintoM. The web application hacker’s handbook: Finding and exploiting security flaws.John Wiley & Sons2011
     [Google Scholar]
  37. SullivanB. LiuV. Web application security, a beginner’s guide.McGraw-Hill Education Group2011
     [Google Scholar]
  38. Another Ebay permanent XSS.Available from: http://xssed.com/
  39. GuptaS. GuptaB.B. Cross-Site Scripting (XSS) attacks and defense mechanisms: Classification and state-of-the-art.Int. J. Syst. Assur. Eng. Manag.20178S151253010.1007/s13198‑015‑0376‑0
     [Google Scholar]
  40. HydaraI. SultanA.B.M. ZulzalilH. AdmodisastroN. An approach for cross-site scripting detection and removal based on genetic algorithms.The Ninth International Conference on Software Engineering Advances ICSEA2014
     [Google Scholar]
  41. LiZ. AlrwaisS. WangX. AlowaisheqE. Hunting the red fox online: Understanding and detection of mass redirect-script injections.2014 IEEE Symposium on Security and Privacy, 2014 pp. 3-1810.1109/SP.2014.8
     [Google Scholar]
  42. MohammadiM. ChuB. LipfordH.R. Murphy-HillE. Automatic web security unit testing: XSS vulnerability detection.Proceedings of the 11th International Workshop on Automation of Software Test, 2016pp. 78-8410.1145/2896921.2896929
     [Google Scholar]
  43. Xiuno.Available from: https://github.com/xiuno
  44. W. a. cookies.Available from: http://www.whatarecookies.com/
  45. FaghaniM.R. NguyenU.T. A study of XSS worm propagation and detection mechanisms in online social networks.IEEE Trans. Inf. Forensics Security20138111815182610.1109/TIFS.2013.2280884
     [Google Scholar]
  46. DukesL. YuanX. AkowuahF. A case study on web application security testing with tools and manual testing.2013 Proceedings of IEEE Southeastcon, 2013pp. 1-6.
     [Google Scholar]
  47. RochaT.S. SoutoE. Etssdetector: A tool to automatically detect cross-site scripting vulnerabilities.2014 IEEE 13th International Symposium on Network Computing and Applications (NCA)201410.1109/NCA.2014.53
     [Google Scholar]
  48. Category:OWASP WebScarab Project.Available from: https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
  49. htmLawed.Available from: https://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/
  50. ImmuneWeb on-demand.Available from: https://www.immuniweb.com/products/ondemand/. 2014
  51. NewsAvailable from: https://xsser.03c8.net/
  52. Automated scanning.Available from: https://support.portswigger.net/customer/portal/articles/1783127-using-burp-scanner
  53. Available from: www.extrahop.com/company/blog/2019/what-is-cross-site-scripting-and-how-to-prevent-xss
  54. KirdaE. KruegelC. VignaG. JovanovicN. Noxes: A client-side solution for mitigating cross-site scripting attacks.Proceedings of the 2006 ACM symposium on Applied computing, 2006 pp. 330-337.10.1145/1141277.1141357
     [Google Scholar]
  55. FaghaniM.R. SaidiH. Social networks’ XSS worms.2009 International Conference on Computational Science and Engineering, 2009 pp. 1137-1141.10.1109/CSE.2009.424
     [Google Scholar]
  56. SunF. XuL. SuZ. Client-side detection of XSS worms by monitoring payload propagation.Proceedings Computer Security–ESORICS 2009: 14th European Symposium on Research in Computer Security200914539554Saint-Malo, France, September 21-23, 2009.
     [Google Scholar]
  57. GalánE. AlcaideA. OrfilaA. BlascoJ. A multi-agent scanner to detect stored-XSS vulnerabilities.2010 International Conference for Internet Technology and Secured Transactions, 2010pp. 1-6.
     [Google Scholar]
  58. ChaudhuriA. FosterJ.S. Symbolic security analysis of ruby-on-rails web applications.Proceedings of the 17th ACM conference on Computer and communications security, 2010pp. 585-594.10.1145/1866307.1866373
     [Google Scholar]
  59. Sharath ChandraV. SelvakumarS. BIXSAN: Browser independent XSS sanitizer for prevention of XSS attacks.ACM SIGSOFT Softw. Eng. Notes20113617
     [Google Scholar]
  60. Van GundyM. ChenH. Noncespaces: Using randomization to defeat cross-site scripting attacks.Comput Secur.201231612628
     [Google Scholar]
  61. SharL.K. TanH.B.K. Automated removal of cross site scripting vulnerabilities in web applications.Inf. Softw. Technol.201254546747810.1016/j.infsof.2011.12.006
     [Google Scholar]
  62. SharL.K. TanH.B.K. Predicting SQL injection and cross site scripting vulnerabilities through mining input sanitization patterns.Inf. Softw. Technol.201355101767178010.1016/j.infsof.2013.04.002
     [Google Scholar]
  63. ChanG.Y. LeeC.S. HengS.H. Discovering fuzzy association rule patterns and increasing sensitivity analysis of XML-related attacks.J. Netw. Comput. Appl.201336282984210.1016/j.jnca.2012.11.006
     [Google Scholar]
  64. ChoraM. KozikR. Machine learning techniques applied to detect cyber attacks on web applications.Log. J. IGPL.2015231455610.1093/jigpal/jzu038
     [Google Scholar]
  65. GuptaS. GuptaB.B. Enhanced XSS defensive framework for web applications deployed in the virtual machines of cloud computing environment.Procedia Technol.2016241595160210.1016/j.protcy.2016.05.152
     [Google Scholar]
  66. GuptaS. GuptaB.B. CSSXC: Context-sensitive sanitization framework for Web applications against XSS vulnerabilities in cloud environments.Procedia Comput. Sci.20168519820510.1016/j.procs.2016.05.211
     [Google Scholar]
  67. AhmedM.A. AliF. Multiple-path testing for cross site scripting using genetic algorithms.J. Systems Archit.201664506210.1016/j.sysarc.2015.11.001
     [Google Scholar]
  68. MarashdihA.W. ZaabaZ.F. Cross site scripting: Removing approaches in web application.Procedia Comput. Sci.201712464765510.1016/j.procs.2017.12.201
     [Google Scholar]
  69. KhanN. AbdullahJ. KhanA.S. Defending malicious script attacks using machine learning classifiers.Wirel Commun Mob Comput.20172017
     [Google Scholar]
  70. McGladeD. Scott-HaywardS. ML-based cyber incident detection for Electronic Medical Record (EMR) systems.Smart Health20191232310.1016/j.smhl.2018.05.001
     [Google Scholar]
  71. MishraP. VaradharajanV. TupakulaU. PilliE.S. A detailed investigation and analysis of using machine learning techniques for intrusion detection.IEEE Commun. Surv. Tutor.201921168672810.1109/COMST.2018.2847722
     [Google Scholar]
  72. XinY. KongL. LiuZ. ChenY. LiY. ZhuH. GaoM. HouH. WangC. Machine learning and deep learning methods for cybersecurity.IEEE Access20186353653538110.1109/ACCESS.2018.2836950
     [Google Scholar]
  73. LekiesS. StockB. JohnsM. 25 million flows later: Large-scale detection of DOM-based XSS.Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, 2013pp. 1193-1204.10.1145/2508859.2516703
     [Google Scholar]
  74. ChaudharyP. GuptaB.B. GuptaS. A framework for preserving the privacy of online users against XSS worms on online social network.Int. J. Inf. Technol. Web Eng.20191418511110.4018/IJITWE.2019010105
     [Google Scholar]
  75. MuklasonA. SyahraniG.B. MaromA. Great deluge based hyper-heuristics for solving real-world university examination timetabling problem: New data set and approach.Procedia Comput. Sci.201916164765510.1016/j.procs.2019.11.168
     [Google Scholar]
  76. FalanaO.J. EboI.O. TinubuC.O. AdejimiO.A. NtukA. Detection of cross-site scripting attacks using dynamic analysis and fuzzy inference system.2020 International Conference in Mathematics, Computer Engineering and Computer Science (ICMCECS), 2020pp. 1-6.10.1109/ICMCECS47690.2020.240871
     [Google Scholar]
  77. TariqI. SindhuM.A. AbbasiR.A. KhattakA.S. MaqboolO. SiddiquiG.F. Resolving cross-site scripting attacks through genetic algorithm and reinforcement learning.Expert Syst. Appl.202116811438610.1016/j.eswa.2020.114386
     [Google Scholar]
  78. MokbalF.M.M. DanW. XiaoxiW. WenbinZ. LihuaF. XGBXSS: An extreme gradient boosting detection framework for cross-site scripting attacks based on hybrid feature selection approach and parameters optimization.J. Inf. Secur. Appl.20215810281310.1016/j.jisa.2021.102813
     [Google Scholar]
  79. CaturanoF. PerroneG. RomanoS.P. Discovering reflected cross-site scripting vulnerabilities using a multiobjective reinforcement learning environment.Comput. Secur.202110310220410.1016/j.cose.2021.102204
     [Google Scholar]
  80. GuptaC. SinghR.K. MohapatraA.K. GeneMiner: A classification approach for detection of XSS attacks on web services.Comput Intell Neurosci202220223675821
     [Google Scholar]
  81. LiX. WangT. ZhangW. NiuX. ZhangT. ZhaoT. An LSTM based cross-site scripting attack detection scheme for Cloud Computing environments.Journal of Cloud Computing202312112
     [Google Scholar]
  82. SharmaS. YadavN.S. WOA-XGboost classifier to detect XSS attacks.AIP Conf. Proc.2023278202006110.1063/5.0154460
     [Google Scholar]
  83. TangS. GrierC. AciicmezO. KingS.T. Alhambra: A system for creating, enforcing, and testing browser security policies.Proceedings of the 19th international conference on World wide web, 2010pp. 941-950.10.1145/1772690.1772786
     [Google Scholar]
  84. CaoY. YegneswaranV. PorrasP. ChenY. Poster: a path-cutting approach to blocking XSS worms in social web networks.Proceedings of the 18th ACM conference on Computer and communications security, 2011pp. 745-74810.1145/2046707.2093483
     [Google Scholar]
  85. Van AckerS. NikiforakisN. DesmetL. JoosenW. PiessensF. FlashOver: Automated discovery of cross-site scripting vulnerabilities in rich internet applications.Proceedings of the 7th ACM symposium on information, computer and communications security, 2012pp. 12-13.10.1145/2414456.2414462
     [Google Scholar]
  86. SalasM.I.P. MartinsE. Security testing methodology for vulnerabilities detection of xss in web services and ws-security.Electron. Notes Theor. Comput. Sci.201430213315410.1016/j.entcs.2014.01.024
     [Google Scholar]
  87. RazzaqA. LatifK. AhmadH.F. HurA. AnwarZ. BloodsworthP.C. Semantic security against web application attacks.Inf. Sci.2014254193810.1016/j.ins.2013.08.007
     [Google Scholar]
  88. SalehA.Z.M. RozaliN.A. BujaA.G. JalilK.A. AliF.H.M. RahmanT.F.A. A method for web application vulnerabilities detection by using Boyer-Moore string matching algorithm.Procedia Comput. Sci.20157211212110.1016/j.procs.2015.12.111
     [Google Scholar]
  89. KazemianH.B. AhmedS. Comparisons of machine learning techniques for detecting malicious webpages.Expert Syst. Appl.20154231166117710.1016/j.eswa.2014.08.046
     [Google Scholar]
  90. WangR. XuG. ZengX. LiX. FengZ. TT-XSS: A novel taint tracking based dynamic detection framework for DOM Cross-Site Scripting.J. Parallel Distrib. Comput.201811810010610.1016/j.jpdc.2017.07.006
     [Google Scholar]
  91. GuptaS. GuptaB.B. ChaudharyP. Hunting for DOM-based XSS vulnerabilities in mobile cloud-based online social network.Future Gener. Comput. Syst.20187931933610.1016/j.future.2017.05.038
     [Google Scholar]
  92. NiakanlahijiA. JafarianJ.H. Webmtd: Defeating cross-site scripting attacks using moving target defense.Security and Communication Networks20192019
     [Google Scholar]
  93. JainR. BhatnagarR. Applications of machine learning in cyber security-a review and a conceptual framework for a university setup.The International Conference on Advanced Machine Learning Technologies and Applications (AMLTA2019) 4, 2020pp. 599-608.10.1007/978‑3‑030‑14118‑9_60
     [Google Scholar]
  94. KruegelC. VignaG. RobertsonW. A multi-model approach to the detection of web-based attacks.Comput. Netw.200548571773810.1016/j.comnet.2005.01.009
     [Google Scholar]
  95. HuangY.W. TsaiC.H. LinT.P. HuangS.K. LeeD.T. KuoS.Y. A testing framework for Web application security assessment.Comput. Netw.200548573976110.1016/j.comnet.2005.01.003
     [Google Scholar]
  96. PelizziR. SekarR. Protection, usability and improvements in reflected XSS filters.proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, 2012pp. 5-5.10.1145/2414456.2414458
     [Google Scholar]
  97. NandaS. LamL-C. ChiuehT-c. Dynamic multi-process information flow tracking for web application security.Proceedings of the 2007 ACM/IFIP/USENIX international conference on Middleware companion, 2007pp. 1-20.10.1145/1377943.1377956
     [Google Scholar]
  98. ParameshwaranI. BudiantoE. ShindeS. DangH. SadhuA. SaxenaP. DexterJS: robust testing platform for DOM-based XSS vulnerabilities.Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, 2015pp. 946-949.10.1145/2786805.2803191
     [Google Scholar]
  99. StockB. PfistnerS. KaiserB. LekiesS. JohnsM. From facepalm to brain bender: Exploring client-side cross-site scripting.Proceedings of the 22nd ACM SIGSAC conference on computer and communications security, 2015pp. 1419-1430.10.1145/2810103.2813625
     [Google Scholar]
  100. XiaoW. SunJ. ChenH. XuX. Preventing client side XSS with rewrite based dynamic information flow.2014 Sixth International Symposium on Parallel Architectures, Algorithms and Programming, 2014pp. 238-243.10.1109/PAAP.2014.10
     [Google Scholar]
  101. ZhangQ. ChenH. SunJ. An execution-flow based method for detecting cross-site scripting attacks.The 2nd International Conference on Software Engineering and Data Mining, 2010 23-25 June 2010, Chengdu, China.
     [Google Scholar]
  102. GuptaS. GuptaB.B. Automated discovery of JavaScript code injection attacks in PHP web applications.Procedia Comput. Sci.201678828710.1016/j.procs.2016.02.014
     [Google Scholar]
  103. DucheneF. GrozR. RawatS. RichierJ-L. XSS vulnerability detection using model inference assisted evolutionary fuzzing.2012 IEEE Fifth International Conference on Software Testing, Verification and Validation, 2012pp. 815-817.10.1109/ICST.2012.181
     [Google Scholar]
  104. VijayalakshmiK. LeemaA.A. Eradicating cross site scripting attack for a secure web access.Int. J. Appl. Eng. Res.2017121017610183
     [Google Scholar]
  105. DuaS. DuX. Data mining and machine learning in cybersecurity.CRC press201610.1201/b10867
     [Google Scholar]
  106. KaurG. PandeB. BhardwajA. BhagatG. GuptaS. Efficient yet robust elimination of XSS attack vectors from HTML5 web applications hosted on OSN-based cloud platforms.Procedia Comput. Sci.201812566967510.1016/j.procs.2017.12.086
     [Google Scholar]
  107. GuptaS. SharmaL. Exploitation of cross-site scripting (XSS) vulnerability on real world web applications and its defense.Int. J. Comput. Appl.20126014283310.5120/9762‑3594
     [Google Scholar]
  108. PutthacharoenR. BunyatnoparatP. Protecting cookies from cross site script attacks using dynamic cookies rewriting technique.13th International Conference on Advanced Communication Technology (ICACT2011), 2011pp. 1090-1094.
     [Google Scholar]
  109. SharL.K. TanH.B.K. Predicting common web application vulnerabilities from input validation and sanitization code patterns.Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering, 2012pp. 310-313.10.1145/2351676.2351733
     [Google Scholar]
  110. KrishnanM. LimY. PerumalS. PalanisamyG. Detection and defending the XSS attack using novel hybrid stacking ensemble learning-based DNN approach.Digit. Commun. Netw202210.1016/j.dcan.2022.09.024
     [Google Scholar]
  111. Fathollahi-FardA.M. Hajiaghaei-KeshteliM. Tavakkoli-MoghaddamR. Red deer algorithm (RDA): A new nature-inspired meta-heuristic.Soft Comput.20202419146371466510.1007/s00500‑020‑04812‑z
     [Google Scholar]
/content/journals/eng/10.2174/0118722121293163240212030405
Loading
Review on Detection and Prevention Techniques of Scripting Attacks: Gaps, Challenges and Suggestions
Recent Pat Eng 19, E210224227243 (2025); https://doi.org/10.2174/0118722121293163240212030405
/content/journals/eng/10.2174/0118722121293163240212030405
/content/journals/eng/10.2174/0118722121293163240212030405
Loading

Data & Media loading...


  • Article Type:     Review Article
Keyword(s): application vulnerabilities; Cross-site scripting attack; dom attack; intrusion detection; reflected attack; stored attack; web application; web security

Most Cited Most Cited RSS feed

This is a required field
Please enter a valid email address
Approval was a Success
Invalid data
An Error Occurred
Approval was partially successful, following selected items could not be processed due to error
Please enter a valid_number test