Cross Site Scripting: An Automated Approach to detect XSS Vulnerabilities in Web Applications

Abstract

By reviewing the literature belonging to Cross-site Scripting (XSS) vulnerability, it has been found that many investigations have emphasized only on XSS vulnerability detection manually, but not many studies have explored the ways by which Cross-Site Scripting vulnerabilities can be found using automation tools. XSS is common yet severe vulnerability these days. It can even compromise whole web application. It is not easily detectable by common user at client side which makes it more dangerous. The ultimate aim of using this approach is to find, report, patch and prevent any damages to clients and servers caused by XSS. There are many tools available which helps in detecting XSS vulnerabilities with help of multiple payloads and parameters as described in this paper.