Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis

  title={Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis},
  author={Philipp Vogt and Florian Nentwich and Nenad Jovanovic and Engin Kirda and Christopher Kr{\"u}gel and Giovanni Vigna},
Cross-site scripting (XSS) is an attack against web applications in which scripting code is injected into the outp t of an application that is then sent to a user’s web browser. In the browser, this scripting code is executed and used to transfer sensitive data to a third party (i.e., the attacker ). Currently, most approaches attempt to prevent XSS on the server side by inspecting and modifying the data that is exchanged between the web application and the user. Unfortunately, it is often the… CONTINUE READING
Highly Influential
This paper has highly influenced 25 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 488 citations. REVIEW CITATIONS
305 Citations
22 References
Similar Papers


Publications citing this paper.
Showing 1-10 of 305 extracted citations

489 Citations

Citations per Year
Semantic Scholar estimates that this publication has 489 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-10 of 22 references

MyBB - Home

  • M. Group
  • http://www.mybboard. com/,
  • 2006

Perl Version 5.8.8 Documentation - Perlsec

  • J. Allen
  • 2006
1 Excerpt

Advisory: XSS in WebCal (v1.11-v3.04)

  • S. Bubrouski
  • 2005
1 Excerpt

Similar Papers

Loading similar papers…