XSS vulnerability detection method and device

The invention discloses an XSS vulnerability detection method and device. The method comprises that a URL of a webpage to be detected and an executable script code of a Web server of the webpage to be detected are obtained; the script code is updated in the URL of the webpage to be detected; the upd...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: LUO JIAFEI
Format: Patent
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention discloses an XSS vulnerability detection method and device. The method comprises that a URL of a webpage to be detected and an executable script code of a Web server of the webpage to be detected are obtained; the script code is updated in the URL of the webpage to be detected; the updated URL is used to access the webpage to be detected; whether the Web server executes the script code is detected; and if the Web server executes the script code, it is determined that XSS vulnerability exists in the webpage to be detected. The method and device of the invention can be used to solve the technical problem that a detection result obtained via an XSS vulnerability detection scheme based on matching and analysis of webpage files is lower in accuracy.