Browser's defenses against reflected cross-site scripting attacks

“…In [5], the limitations of anti-XSS approach implemented in different browsers for reflected XSS attacks against several categories of vulnerabilities are addressed properly and witnessed that Mozilla Firefox with XSS-Me discovers greater percentage of exploits than other browsers. To defend against the discovered exploits in this add-on, this paper proposes a blocking technique so that it can be treated as a propitious anti-XSS filter, if integrated inside the browser instead being applied as an extension.…”

“…Furthermore, how and what part of the parameter is perilous to forward to provide response to the web browser. Therefore, for the identification of malicious code, XSS-Me is the best in its work as discussed in [5]. The challenging part of our contribution is to recognize and stop the execution of the malicious parameters.…”

“…After having a thorough explanation of XSS-Me in [5], the detailed approach of XSS-Me to detect XSS vulnerability in a web application is as shown in Fig. 2.…”

“…This paper uses a different strategy to stop malicious strings by identifying the vulnerable portion of inputs being used in black-box testing and the limitations identified in [5] are mapped to the flaws in the strategies being used. These tools comfort developers to easily identify SQL and XSS injection susceptibilities.…”

“…On this ground, in [5], client side defenses used by latest versions of popularly used browsers for defending against reflected XSS are assessed. The paper witnesses some effective results for Mozilla Firefox after installing an add-on named XSS-Me.…”

Enhanced browser defense for reflected Cross-Site Scripting

“…In [5], the limitations of anti-XSS approach implemented in different browsers for reflected XSS attacks against several categories of vulnerabilities are addressed properly and witnessed that Mozilla Firefox with XSS-Me discovers greater percentage of exploits than other browsers. To defend against the discovered exploits in this add-on, this paper proposes a blocking technique so that it can be treated as a propitious anti-XSS filter, if integrated inside the browser instead being applied as an extension.…”

“…Furthermore, how and what part of the parameter is perilous to forward to provide response to the web browser. Therefore, for the identification of malicious code, XSS-Me is the best in its work as discussed in [5]. The challenging part of our contribution is to recognize and stop the execution of the malicious parameters.…”

“…After having a thorough explanation of XSS-Me in [5], the detailed approach of XSS-Me to detect XSS vulnerability in a web application is as shown in Fig. 2.…”

“…This paper uses a different strategy to stop malicious strings by identifying the vulnerable portion of inputs being used in black-box testing and the limitations identified in [5] are mapped to the flaws in the strategies being used. These tools comfort developers to easily identify SQL and XSS injection susceptibilities.…”

“…On this ground, in [5], client side defenses used by latest versions of popularly used browsers for defending against reflected XSS are assessed. The paper witnesses some effective results for Mozilla Firefox after installing an add-on named XSS-Me.…”

Enhanced browser defense for reflected Cross-Site Scripting

A Comparative Analysis of Various Vulnerabilities Occur in Google Chrome

Assessment of vulnerabilities of web applications of Bangladesh: A case study of XSS & CSRF