摘要
为解决存储型XSS漏洞的自动化黑盒检测问题,提出基于风险数据追踪的存储型XSS漏洞检测方法。依此技术可以对Web应用程序上存在的存储型XSS漏洞进行快速、深入的自动化挖掘。简要介绍了为实现该技术而需编写的自动化辅助软件的设计与实现,并用实验证明了该检测技术的有效性。
To discover stored XSS vulnerability with black-box testing,we put forward a new technique which is based on tracing risky data.This technology can discover stored XSS vulnerability automatically on Web application quickly and deeply.This paper introduced how to design the assisted software for this technique birefly as well as prove the effectiveness of this technique.
出处
《计算机科学》
CSCD
北大核心
2014年第B11期241-244,共4页
Computer Science