TY  - JOUR
T1  - Towards Removing Cross-Site Scripting Vulnerabilities from Mobile Web Applications
AU - Hydara, Isatou AU - Md Sultan, Abu Bakar AU - Zulzalil, Hazura AU - Admodisastro, Novia 
JO  - Journal of Engineering and Applied Sciences
VL  - 13
IS  - 16
SP  - 6616
EP  - 6621
PY  - 2018
DA  - 2001/08/19
SN  - 1816-949x
DO  - jeasci.2018.6616.6621
UR  - https://makhillpublications.co/view-article.php?doi=jeasci.2018.6616.6621
KW  - Cross-site scripting
KW  -cross-site scripting vulnerability
KW  -software security
KW  -vulnerability removal
KW  -web application
KW  -application developers
AB  - Cross-site scripting vulnerabilities are among the most common of security vulnerabilities found in web applications and more recently in mobile versions of web applications. They have caused many successful attacks on web applications on a daily basis including loss of financial and health information, exposure to malware and viruses and denial of service attacks. Cross-site scripting vulnerabilities are easy to exploit but difficult to mitigate. Most of the existing solutions to cross-site scripting vulnerabilities focus only on the desktop version of web application and there is hardly any focus on the mobile versions. Also, most solutions provided only focus on preventing attacks or detecting the vulnerabilities. Very few research works have addressed eliminating these vulnerabilities from the web applications source codes. In this study, we present our research in progress on the removal of detected cross-site scripting vulnerabilities in mobile versions of web applications. We have proposed an approach in a previous research to detect and remove cross-site scripting vulnerabilities in desktop web applications. We have enhanced that approach and are currently testing it for the removal of cross-site scripting vulnerabilities in mobile versions of web applications. Initial evaluations have indicated promising results. We believe this approach can help web application developers to eliminate cross-site scripting vulnerabilities in not only their desktop web applications but also in the mobile version ones.
ER  - 