Abstract
This report investigates whether a vulnerability found in one web framework may be used to find a vulnerability in a different web framework. To test this hypothesis, several open source applications were installed in a secure test environment together with security analysis tools. Each one of the applications were developed using a different software framework. The results show that a vulnerability identified in one framework can often be used to find similar vulnerabilities in other frameworks. Crosssite scripting security issues are the most likely to succeed when being applied to more than one framework.
Original language | English |
---|---|
Publication status | Published - 2010 |
Event | 7th International Symposium on Communication Systems Networks and Digital Signal processing (CSNDSP) - Northumbria University, Newcastle upon Tyne Duration: 21 Jul 2010 → … http://www.csndsp.com/ |
Conference
Conference | 7th International Symposium on Communication Systems Networks and Digital Signal processing (CSNDSP) |
---|---|
Period | 21/07/10 → … |
Internet address |
Keywords
- cross-site scripting
- open source applications
- secure test environment
- security analysis tools
- vulnerability identification