文章基本信息

标题：A Brief Study on Defining Templates to Avoid XSS Vulnerabilities Using Auto Escape Templates for Web Applications
本地全文：下载
作者：Ch Rajesh ; K S V K Srikanth ; I S L Sarwani 等
期刊名称：International Journal of Computer Science and Information Technologies
电子版ISSN：0975-9646
出版年度：2015
卷号：6
期号：5
页码：4171-4173
出版社：TechScience Publications
摘要：Cross-site scripting (XSS) is a type of computer security vulnerabilities typically found in Web applications. XSS enables attackers to inject client-side script into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy (refer Fig:1). Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantecas of 2007 [1]. Their effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner. General Terms:Web Security, Vulnerability, Templates, Security Attack, Web Application Security, Attacks from Third Parry Web Sites.
关键词：XSS; Cross Site Scripting; Auto Escape Templates;C Templates; Template Parsers