|
|
|
|
open web application security project components with known vulnerabilities: a comprehensive study
|
|
|
|
|
|
|
|
نویسنده
|
albulayhi mohammed s. ,ibrahim dina m.
|
|
منبع
|
the isc international journal of information security - 2021 - دوره : 13 - شماره : 3 - صفحه:59 -67
|
|
چکیده
|
The open web application security project (owasp) is a nonprot organization battling for improvements in software protection and enhancing the security of web applications. moreover, its goal is to make application security accessible so that individuals and organizations can make educated decisions about security threats. the owasp is a repository of tools and standards for web security studies. owasp released an annual listing of the top 10 most common vulnerabilities on the web in 2013 and 2017. this research paper proposed a comprehensive study on components with known vulnerabilities attack, which is the ninth attack (a9) among the top 10 vulnerabilities. components with known vulnerabilities are the third-party components that the focal system uses as authentication frameworks. depending on the vulnerability it could range from subtle to seriously bad. this danger arises because the app's modules, like libraries and frameworks, are almost always run with the highest privileges. if a compromised aspect is abused, the hacker's task of causing signicant loss of information or server takeover is easier.
|
|
کلیدواژه
|
web application security ,owasp ,vulnerability
|
|
آدرس
|
qassim university, college of computer, department of information technology, saudi arabia, qassim university, college of computer, department of information technology, saudi arabia. tanta university, faculty of engineering, computers and control engineering department, egypt
|
|
پست الکترونیکی
|
d.hussein@qu.edu.sa, dina.mahmoud@f-eng.tanta.edu.eg
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|