著者
西田 誠幸 原田 紀夫
出版者
拓殖大学
雑誌
拓殖大学理工学研究報告 (ISSN:09198253)
巻号頁・発行日
vol.9, no.1, pp.59-60, 2004-01-25

Cross Site Scripting (XSS) is one of vulnerabilities that is latent in dynamic contents on WWW. Attackers exploit XSS to get cookie information and alter Web pages illegally. One of the problems to eliminate XSS is that Web masters have to check the XSS existance in dynamic contents with great effort, or they have to prohibit the usage of dynamic contents. This paper describles an algorithm we have been designing in order to detect XSS vulnerabilities in PHP scripts that generate dynamic contents. Our algorithm belongs with the flow sensitive analysis in static program analysis, and it is based on the constant propagation analysis. The algorithm supports Web masters with checking the XSS existance in PHP scripts automatically.

言及状況

Twitter (2 users, 3 posts, 0 favorites)

こんな論文どうですか? PHPスクリプトにおけるクロスサイトスクリプティング脆弱性の自動検出(西田 誠幸ほか),2004 http://t.co/Fjy9XCAj3y
こんな論文どうですか? PHPスクリプトにおけるクロスサイトスクリプティング脆弱性の自動検出(西田誠幸ほか),2004 http://id.CiNii.jp/TpD1L

収集済み URL リスト