Static detection of cross-site scripting vulnerabilities

  • Gary Wassermann, Zhendong Su
  • Published 10 May 2008
  • Computer Science
  • 2008 ACM/IEEE 30th International Conference on Software Engineering
Web applications support many of our daily activities, but they often have security problems, and their accessibility makes them easy to exploit. [...] Proper input validation is difficult largely because of the many ways to invoke the JavaScript interpreter; we face the same obstacle checking for vulnerabilities statically, and we address it by formalizing a policy based on the W3C recommendation, the Firefox source code, and online tutorials about closed-source browsers.

Automated removal of cross site scripting vulnerabilities in web applications

Countering Cross-Site Scripting in Web-based Applications

  • L. Ray
  • Computer Science
  • Int. J. Strateg. Inf. Technol. Appl.
  • 2015
The authors address the causes of cross-site scripting (XSS) and countermeasures to defend against these threats.

Static Enforcement of Web Application Integrity Through Strong Typing

This work presents a web application framework that leverages existing work on strong type systems to statically enforce a separation between the structure and content of both web documents and database queries generated by web applications, and shows how this approach can automatically prevent the introduction of both server-side cross-site scripting and SQL injection vulnerabilities.

Static analysis approaches to detect SQL injection and cross site scripting vulnerabilities in web applications: A survey

A classification of software security approaches used to develop secure software in the various phases of the software development life cycle is proposed, and a survey of static analysis based approaches to detect SQL injection and cross-site scripting vulnerabilities in the source code of web applications is presented.

Exploitation of Cross-Site Scripting (XSS) Vulnerability on Real World Web Applications and its Defense

A novel technique for mitigating this XSS vulnerability by introducing a sandbox environment in the web browser is discussed.

XSSDM: Towards detection and mitigation of cross-site scripting vulnerabilities in web applications

Experimental results show that the tool based on the proposed approach outperforms existing popular open source tools in the detection of XSS vulnerabilities.

Techniques and tools for engineering secure web applications

This dissertation provides the first principled characterization, based on concepts from programming languages and compilers, for such vulnerabilities, with formal definitions for SQL injection and XSS in particular.

Program analyses of web applications for detecting application-specific vulnerabilities

This dissertation presents novel, practical program analyses to detect web application vulnerabilities, especially application-specific ones, and describes the first static analysis that infers and enforces implicit access control assumptions in e-commerce applications.

Static Detection of Access Control Vulnerabilities in Web Applications

This paper describes the first static analysis that automatically detects access control vulnerabilities in web applications; the core of the analysis is a technique that statically infers and enforces implicit access control assumptions.

Detection & prevention of vulnerabilities in web applications

The thesis introduces two detection tools that target Unvalidated Redirects and Forwards (URF) and Cross-site Scripting (XSS) vulnerabilities and presents a new attack model Covert Redirect, related to the prevention of DOM-based XSS.

Finding Security Vulnerabilities in Java Applications with Static Analysis

This paper proposes a static analysis technique for detecting many recently discovered application vulnerabilities such as SQL injections, cross-site scripting, and HTTP splitting attacks based on a scalable and precise points-to analysis.

Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis

The solution presented in this paper stops XSS attacks on the client side by tracking the flow of sensitive information inside the web browser; if sensitive information is about to be transferred to a third party, the user can decide whether this should be permitted.

Noxes: a client-side solution for mitigating cross-site scripting attacks

Noxes is presented, which is, to the best of the authors' knowledge, the first client-side solution to mitigate cross-site scripting attacks; it effectively protects against information leakage from the user's environment while requiring minimal user interaction and customization effort.

Pixy: a static analysis tool for detecting Web application vulnerabilities

This paper uses flow-sensitive, interprocedural and context-sensitive dataflow analysis to discover vulnerable points in a program and applies it to the detection of vulnerability types such as SQL injection, cross-site scripting, or command injection.

Sound and precise analysis of web applications for injection vulnerabilities

This paper proposes a precise, sound, and fully automated analysis technique for SQL injection that successfully discovered previously unknown and sometimes subtle vulnerabilities in real-world programs, has a low false positive rate, and scales to large programs.

Securing web application code by static analysis and runtime protection

A lattice-based static analysis algorithm derived from type systems and typestate is created, and its soundness is addressed, thus securing Web applications in the absence of user intervention and reducing potential runtime overhead by 98.4%.

Precise alias analysis for static detection of web application vulnerabilities

This paper addresses the problem of vulnerable web applications by means of static source code analysis by presenting a novel, precise alias analysis targeted at the unique reference semantics commonly found in scripting languages.

Static Detection of Security Vulnerabilities in Scripting Languages

A static analysis algorithm for detecting security vulnerabilities in PHP, a popular server-side scripting language for building web applications, is presented; it found 105 previously unknown security vulnerabilities, most of which the authors believe are remotely exploitable.

JavaScript instrumentation for browser security

A useful by-product of this work is an operational semantics of a core subset of JavaScript, where code embedded in (HTML) documents may generate further document pieces at runtime, yielding a form of self-modifying code.

Detecting malicious JavaScript code in Mozilla

This paper presents the first existing implementation of an auditing system for JavaScript interpreters and discusses the pitfalls and lessons learned in developing the auditing mechanism.