PERSISTENT CROSS-SITE SCRIPTING VULNERABILITY DETECTION
First Claim
1. A method for detecting a persistent cross-site scripting vulnerability comprising:
- detecting, via a processor, a read operation executed on a resource using an instrumentation mechanism;
returning, via the processor, a malicious script in response to the read operation; and
detecting, via the processor, a script operation that indicates the execution of the malicious script that results in resource data being sent to an external computing device from a client device.
2 Assignments
0 Petitions
Accused Products
Abstract
Various techniques for detecting a persistent cross-site scripting vulnerability are described herein. In one example, a method includes detecting, via the processor, a read operation executed on a resource using an instrumentation mechanism and returning, via the processor, a malicious script in response to the read operation. The method also includes detecting, via the processor, a write operation executed on the resource using the instrumentation mechanism and detecting, via the processor, a script operation executed by the malicious script that results in resource data being sent to an external computing device from a client device. Furthermore, the method includes receiving, via the processor, metadata indicating the execution of the read operation, the write operation, and the script operation.
23 Citations
8 Claims
-
1. A method for detecting a persistent cross-site scripting vulnerability comprising:
-
detecting, via a processor, a read operation executed on a resource using an instrumentation mechanism; returning, via the processor, a malicious script in response to the read operation; and detecting, via the processor, a script operation that indicates the execution of the malicious script that results in resource data being sent to an external computing device from a client device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification