Some security issues for web based frameworks

P. Roberts-Morpeth, Jeremy Ellman

Research output: Contribution to conferencePaperpeer-review

5 Citations (Scopus)

Abstract

This report investigates whether a vulnerability found in one web framework may be used to find a vulnerability in a different web framework. To test this hypothesis, several open source applications were installed in a secure test environment together with security analysis tools. Each one of the applications were developed using a different software framework. The results show that a vulnerability identified in one framework can often be used to find similar vulnerabilities in other frameworks. Crosssite scripting security issues are the most likely to succeed when being applied to more than one framework.
Original languageEnglish
Publication statusPublished - 2010
Event7th International Symposium on Communication Systems Networks and Digital Signal processing (CSNDSP) - Northumbria University, Newcastle upon Tyne
Duration: 21 Jul 2010 → …
http://www.csndsp.com/

Conference

Conference7th International Symposium on Communication Systems Networks and Digital Signal processing (CSNDSP)
Period21/07/10 → …
Internet address

Keywords

  • cross-site scripting
  • open source applications
  • secure test environment
  • security analysis tools
  • vulnerability identification

Fingerprint

Dive into the research topics of 'Some security issues for web based frameworks'. Together they form a unique fingerprint.

Cite this