A Proposal: For Emerging Gaps in Finding Firm Solutions for Cross Site Scripting Attacks on Web Applications

Abstract

There are many web vulnerabilities and popular among them is Cross Site Scripting Attacks (XSS). The XSS vulnerability can go to the extent of intruding on an organization's data via its web application. The activities the hijacker performs during these XSS attacks are accessing user sessions, deleting, adding, and modifying the data of the websites. Additionally, as they have control over the web pages, they add malicious code to distort the user interface and stop further business activities. If an organization’s website is providing service across the globe, this would halt all the user transactions for many hours until the issue is resolved. The attackers would further proceed to access the organization's servers if the situation is not handled to stop the XSS attacks. These real- time scenarios explain the severity of the XSS attacks. Further implementing solutions to not face further attacks is still continuing. The reason for the quest to find better solutions is to avoid these XSS attacks, because the hackers are always finding various routes to hack these web applications. However, even after finding many solutions, these attacks are happening regularly. Hence it is necessary to discover the gap to find an appropriate solution even before any new XSS attack happens. This paper proposes a methodology to explore these gaps and solutions to an ongoing cross site scripting attacks.