According to the consequences of the Cisco 2018 yearly security report, which indicated that there is at least one vulnerability for all web applications analyzed, and web attacks are becoming more regular and continually advancing, web applications will be vulnerable to various types of attacks. Cross-Site Script (XSS) is the most frequent attack and more attacks lead to XSS. Cross-Site Script (XSS) Attacks exploit web applications vulnerabilities and inject malicious code into a reliable web application. The malicious script will be executed when the victim is browsing this web application. We studied a collection of documents on cross-site scripting that were distributed between 2014 and 2024 to gather data on the strategies that the scientific society has used to discover and avoid XSS attacks. The current XSS defensive strategies are Static and Dynamic analysis, Filter method, Proxy method, etc. The orientation in the proposition of conventional methods to prevent XSS attacks is more than the propositions that use artificial intelligence (AI) strategies. Currently, developers use machine learning methods to mitigate XSS attacks and support defensive methods by artificial intelligence rules. This review may be used by any researcher as material reading to understand the XSS attack mitigation methods.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Cross Site Scripting Attacks (XSS): A Review

  • Iman Fareed Khazal,
  • Arkan A. Ghaib,
  • Asmaa Shareef,
  • Zaid Ameen Abduljabbar,
  • Vincent Omollo Nyangaresi,
  • Iman Qays Abduljaleel,
  • Abdulla J. Y. Aldarwish,
  • Ali Hasan Ali,
  • Zaid Alaa Hussien

摘要

According to the consequences of the Cisco 2018 yearly security report, which indicated that there is at least one vulnerability for all web applications analyzed, and web attacks are becoming more regular and continually advancing, web applications will be vulnerable to various types of attacks. Cross-Site Script (XSS) is the most frequent attack and more attacks lead to XSS. Cross-Site Script (XSS) Attacks exploit web applications vulnerabilities and inject malicious code into a reliable web application. The malicious script will be executed when the victim is browsing this web application. We studied a collection of documents on cross-site scripting that were distributed between 2014 and 2024 to gather data on the strategies that the scientific society has used to discover and avoid XSS attacks. The current XSS defensive strategies are Static and Dynamic analysis, Filter method, Proxy method, etc. The orientation in the proposition of conventional methods to prevent XSS attacks is more than the propositions that use artificial intelligence (AI) strategies. Currently, developers use machine learning methods to mitigate XSS attacks and support defensive methods by artificial intelligence rules. This review may be used by any researcher as material reading to understand the XSS attack mitigation methods.