Visible to the public Cross-Site Scripting for Graphic Data: Vulnerabilities and Prevention

TitleCross-Site Scripting for Graphic Data: Vulnerabilities and Prevention
Publication TypeConference Paper
Year of Publication2019
AuthorsZubarev, Dmytro, Skarga-Bandurova, Inna
Conference Name2019 10th International Conference on Dependable Systems, Services and Technologies (DESSERT)
Keywordsanimation, Attack, black list, Cascading style sheets, code, Computer graphics, Cross Site Scripting, cross-site scripting, graphic content, graphical content, Human Behavior, Malware, pubcrawl, resilience, Resiliency, Scalability, security of data, SVG, SVG image, TES, Testing, Vulnerability, Web sites, websites, white list., XML, XML treatment method, XSS, XSS Attacks, XSS vulnerabilities
Abstract

In this paper, we present an overview of the problems associated with the cross-site scripting (XSS) in the graphical content of web applications. The brief analysis of vulnerabilities for graphical files and factors responsible for making SVG images vulnerable to XSS attacks are discussed. XML treatment methods and their practical testing are performed. As a result, the set of rules for protecting the graphic content of the websites and prevent XSS vulnerabilities are proposed.

DOI10.1109/DESSERT.2019.8770043
Citation Keyzubarev_cross-site_2019