Abstract

Recently, the Email system is seriously threatened by the vulnerability attack, and XSS vulnerability is one of the most serious vulnerability of WEB mail system. In this paper, we proposed a crossing site script injection vulnerability detection method for WEB mail system, and developed a detection tool for a systematic. With the method we proposed, we can automatically construct attack vectors according to different attack surfaces, and generate malformed mails for vulnerability detection. By applying the tool to some popular Webmail systems, seven exploitable XSS vulnerabilities are found. The evaluation result shows that our tool can efficiently detect XSS vulnerabilities.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Detecting cross site scripting vulnerabilities introduced by HTML5
Guowei Dong ... Xin Wang
-
Guowei Dong, et. al.Guowei Dong ... Xin Wang
01 May 2014
MFXSS: An effective XSS vulnerability detection method in JavaScript based on multi-feature model
Zhonglin Liu ... Yijia Xu
Computers & Security | VOL. 124
Zhonglin Liu, et. al.Zhonglin Liu ... Yijia Xu
20 Nov 2022
Automated removal of cross site scripting vulnerabilities in web applications
Lwin Khin Shar ... Hee Beng Kuan Tan
Information and Software Technology | VOL. 54
Lwin Khin Shar, et. al.Lwin Khin Shar ... Hee Beng Kuan Tan
28 Dec 2011
An Improved XSS Vulnerability Detection Method Based on Attack Vector
Jia-Dong Liu ... Yu-Yi Ou
DEStech Transactions on Computer Science and Engineering | VOL. -
Jia-Dong Liu, et. al.Jia-Dong Liu ... Yu-Yi Ou
07 Jun 2018
View more papers

More From: Procedia Computer Science

Paper Title
Journal
Date
Author
Navigating the Digital Landscape of Diabetes Care: Current State of the Art and Future Directions
Helena Gonçalves ... António Godinho
Procedia Computer Science | VOL. 237
Helena Gonçalves, et. al.Helena Gonçalves ... António Godinho
31 May 2024
New haptic systems for elicit emotions in audio-visual events for hearing impaired people.
Garcia-Lopez Alvaro ... Cerdán Víctor
Procedia Computer Science | VOL. 237
Garcia-Lopez Alvaro, et. al.Garcia-Lopez Alvaro ... Cerdán Víctor
31 May 2024
Sustainable Social Business: Contribution of Social Innovation and Civil Society
Thayane De Souza Amaral ... Sérgio Ricardo Da Silveira Barros
Procedia Computer Science | VOL. 237
Thayane De Souza Amaral, et. al.Thayane De Souza Amaral ... Sérgio Ricardo Da Silveira Barros
31 May 2024
Characterization and Performance Evaluation of ESP32 for Real-time Synchronized Sensor Networks
M.J Espinosa-Gavira ... Juan José González De-La-Rosa
Procedia Computer Science | VOL. 237
M.J Espinosa-Gavira, et. al.M.J Espinosa-Gavira ... Juan José González De-La-Rosa
31 May 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.