This report investigates whether a vulnerability found in one web framework may be used to find a vulnerability in a different web framework. To test this hypothesis, several open source applications were installed in a secure test environment together with security analysis tools. Each one of the applications were developed using a different software framework. The results show that a vulnerability identified in one framework can often be used to find similar vulnerabilities in other frameworks. Crosssite scripting security issues are the most likely to succeed when being applied to more than one framework.
|Publication status||Published - 2010|
|Event||7th International Symposium on Communication Systems Networks and Digital Signal processing (CSNDSP) - Northumbria University, Newcastle upon Tyne|
Duration: 21 Jul 2010 → …
|Conference||7th International Symposium on Communication Systems Networks and Digital Signal processing (CSNDSP)|
|Period||21/07/10 → …|