Difficult XSS Code Patterns for Static Code Analysis Tools

  • We present source code patterns that are difficult for modern static code analysis tools. Our study comprises 50 different open source projects in both a vulnerable and a fixed version for XSS vulnerabilities reported with CVE IDs over a period of seven years. We used three commercial and two open source static code analysis tools. Based on the reported vulnerabilities we discovered code patterns that appear to be difficult to classify by static analysis. The results show that code analysis tools are helpful, but still have problems with specific source code patterns. These patterns should be a focus in training for developers.

Metadata
Author: Felix Schuckert, Basel Katt, Hanno Langweg
DOI: https://doi.org/10.1007/978-3-030-42051-2_9
ISBN: 978-3-030-42050-5
ISBN: 978-3-030-42051-2
Parent Title (English): Computer Security - ESORICS 2019 International Workshops, IOSec, MSTEC, and FINSEC Luxembourg City, Luxembourg, September 26-27, 2019
Publisher: Springer
Place of publication: Cham
Document Type: Conference Proceeding
Language: English
Year of Publication: 2020
Identifier: View in the catalogue of Hochschule Konstanz
Release Date: 2021/01/08
First Page: 123
Last Page: 139
Note: Full-text access is available within the campus network of Hochschule Konstanz.
Institutes: Faculty of Computer Science
Relevance: Peer reviewed according to other listings (with evidence of the peer review process)
Open Access?: No
Licence (German): Protected by copyright