Журнал «Современная Наука»

Russian (CIS)English (United Kingdom)
 MOSCOW +7(495)-142-86-81

BUILDING A SYSTEM FOR SEARCHING FOR WEB APPLICATION ENTITIES VULNERABLE TO CROSS-SITE SCRIPTING

Shipulin Georgy Farizovich  (PhD in Law, Associate Professor, Department KB-1 "Information Security", Russian Technological University (RTU MIREA), Moscow)

Shabalin Aleksandr Denisovich  (Moscow Polytechnic University, Moscow)

Spevakova Svetlana Viktorovna  (Assistant, Department "Information Security", Moscow Polytechnic University, Moscow)

The article is devoted to the issues related to the search for web application entities vulnerable to cross-site scripting. The paper considered the concept of cross-site scripting (XSS vulnerabilities), its main types (Reflected XSS, Stored XSS and DOM-based XSS), and described a general approach to finding this type of vulnerability in web applications. In addition, based on the analysis of existing automated search tools for web application entities vulnerable to cross-site scripting (XSS vulnerability scanners), their main limitations are identified (insufficient accuracy in identifying vulnerable entities and lack of support for processing all types of entities), the architecture of the developed system for searching for web application entities vulnerable to cross-site scripting and the relationship of its modules. The developed system covers the analysis of various types of web application entities, including user input elements, URL parameters, HTTP protocol headers, and dynamic DOM tree elements.

Keywords:cross-site scripting, web application, vulnerability scanning, security analysis, vulnerability scanners
 

Read the full article …

Citation link:
Shipulin G. F., Shabalin A. D., Spevakova S. V. BUILDING A SYSTEM FOR SEARCHING FOR WEB APPLICATION ENTITIES VULNERABLE TO CROSS-SITE SCRIPTING // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. -2025. -№04/2. -С. 144-146 DOI 10.37882/2223-2966.2025.04-2.34
LEGAL INFORMATION:
Reproduction of materials is permitted only for non-commercial purposes with reference to the original publication. Protected by the laws of the Russian Federation. Any violations of the law are prosecuted.
© ООО "Научные технологии"

Terms Publications

Issues of the journals (Archive)

ECONOMICS AND LAW
HUMANITIES
NATURAL AND TECHNICAL SCIENCES
COGNITION

Серия - Natural and Technical Sciences