Search Results - Vulnerable JavaScript

Vulnerable JavaScript functions detection using stacking of convolutional neural networks by Sheneamer, Abdullah

“…System security for web-based applications is paramount, and for the avoidance of possible cyberattacks it is important to detect vulnerable JavaScript functions…”
Get full text

Challenging Machine Learning Algorithms in Predicting Vulnerable JavaScript Functions by Ferenc, Rudolf, Hegedus, Peter, Gyimesi, Peter, Antal, Gabor, Ban, Denes, Gyimothy, Tibor

“… in JavaScript programs. We applied 8 machine learning algorithms to build prediction models using a new dataset constructed for this research from the vulnerability information in public databases of the Node Security…”
Get full text

On the Impact of Outdated and Vulnerable Javascript Packages in Docker Images by Zerouali, Ahmed, Cosentino, Valerio, Mens, Tom, Robles, Gregorio, Gonzalez-Barahona, Jesus M.

“…Containerized applications, and in particular Docker images, are becoming a common solution in cloud environments to meet ever-increasing demands in terms of…”
Get full text

A Protection Mechanism against Malicious HTML and JavaScript Code in Vulnerable Web Applications by Chai, Chuansen, Zhao, Xu, Wang, Qingxian, Yan, Xuexiong, Liu, Shukai, Sun, Yajing

“… and web browsers against malicious HTML and JavaScript code in vulnerable web applications…”
Get full text

Challenging Machine Learning Algorithms in Predicting Vulnerable JavaScript Functions by Ferenc, Rudolf, Hegedűs, Péter, Gyimesi, Péter, Antal, Gábor, Bán, Dénes, Gyimóthy, Tibor

“… in JavaScript programs. We applied 8 machine learning algorithms to build prediction models using a new dataset constructed for this research from the vulnerability information in public databases of the Node Security…”
Get full text

Towards Smoother Library Migrations: A Look at Vulnerable Dependency Migrations at Function Level for npm JavaScript Packages by Elizalde Zapata, Rodrigo, Kula, Raula Gaikovina, Chinthanet, Bodin, Ishio, Takashi, Matsumoto, Kenichi, Ihara, Akinori

“…It has become common practice for software projects to adopt third-party libraries, allowing developers full access to functions that otherwise will take time…”
Get full text

PatchFuzz: Patch fuzzing for JavaScript engines by Wang, Junjie, Xie, Zhihua, Xie, Xiaofei, Du, Xiaoning, Zhang, Xiangwei

“… While researchers have made efforts to apply patch fuzzing to testing JavaScript (JS) engines with considerable success, these efforts have been limited to using ordinary test cases or publicly available vulnerability PoCs (Proof of Concepts…”
Get full text

Detection of Obfuscated Malicious JavaScript Code by Alazab, Ammar, Khraisat, Ansam, Alazab, Moutaz, Singh, Sarabjot

“…Websites on the Internet are becoming increasingly vulnerable to malicious JavaScript code because of its strong impact and dramatic effect…”
Get full text

A client‐server JavaScript code rewriting‐based framework to detect the XSS worms from online social network by Gupta, Shashank, Gupta, B.B., Chaudhary, Pooja

“…Summary This article presents a client‐server JavaScript code rewriting‐based framework that protects and preserves the privacy of online users against XSS worms on Online Social Network (OSN). The server…”
Get full text

NodeXP: NOde.js server-side JavaScript injection vulnerability DEtection and eXPloitation by Ntantogian, Christoforos, Bountakas, Panagiotis, Antonaropoulos, Dimitris, Patsakis, Constantinos, Xenakis, Christos

“…; Node.js is no exception, as Server-Side JavaScript Injection (SSJI) attacks are possible due to the use of vulnerable functions and neglecting to sanitize data input provided by untrusted sources…”
Get full text

Towards a Prototype Based Explainable JavaScript Vulnerability Prediction Model by Mosolygo, Balazs, Vandor, Norbert, Antal, Gabor, Hegedus, Peter, Ferenc, Rudolf

“…: explainability and granularity of predictions. In this paper, we propose a novel and simple yet, promising approach to identify potentially vulnerable source code in JavaScript programs…”
Get full text

A lightweight and high-precision approach for bulky JavaScript engines fuzzing by Zhou, Lianpei, Xiao, Xi, Hu, Guangwu, Li, Hao, Wu, Xiangbo, Zhou, Tao

“… To improve the precision of coverage feedback and target the vulnerable JIT compiler of Javascript engines, we presented our fuzzer, called LF(Light Fuzzer…”
Get full text

Analysis of JavaScript Web Applications Using SAFE 2.0 by Jihyeok Park, Yeonhee Ryou, Joonyoung Park, Sukyoung Ryu

“… However, because JavaScript and web environments are extremely dynamic, JavaScript web applications are often vulnerable to type-related errors and security attacks…”
Get full text

Detecting Malicious Javascript in PDF through Document Instrumentation by Daiping Liu, Haining Wang, Stavrou, Angelos

“… Owed to its wide-spread use and Javascript support, PDF has been the primary vehicle for delivering embedded exploits…”
Get full text

A Study of Vulnerability Repair in JavaScript Programs with Large Language Models by Tan Khang Le, Saba Alimadadi, Ko, Steven Y

“… We also investigate the impact of context in a prompt on directing LLMs to produce a correct patch of vulnerable JavaScript code…”
Get full text

Real-Time Threat Detection with JavaScript: Monitoring and Response Mechanisms by A.I. Orynchak, O.V. Kuzmenko, O.M. Svintsytska

“… This article examines real-time threat detection, monitoring, and response techniques at the confluence of JavaScript and security…”
Get full text

MFXSS: An effective XSS vulnerability detection method in JavaScript based on multi-feature model by Liu, Zhonglin, Fang, Yong, Huang, Cheng, Xu, Yijia

“… Therefore, we proposed a multi-feature fusion-based neural network vulnerability detection model for detecting XSS vulnerabilities in the JavaScript source code of website…”
Get full text

Challenges to JavaScript obfuscation in the era of large language models by Ciochiu, Daniel, Brezovan, Marius, Enescu, Nicolae, Traistaru, Claudiu, Badoi, Mircea, Barcan, Alexandra

“… The results reveal a critical insight-contemporary JavaScript obfuscation techniques are increasingly vulnerable to the capabilities of modern LLMs, highlighting the urgent need for more robust client-side code protection strategies…”
Get full text

SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript by Bhuiyan, Masudul Hasan Masud, Parthasarathy, Adithya Srinivas, Vasilakis, Nikos, Pradel, Michael, Staicu, Cristian-Alexandru

“…NPM is the largest software ecosystem in the world, offering millions of free, reusable packages. In recent years, various security threats to packages…”
Get full text

Securing web-clients with instrumented code and dynamic runtime monitoring by Ofuonye, Ejike, Miller, James

“… ► Self-contained, in-browser security manager for the JavaScript Language. ► A collection of secure JavaScript equivalent objects…”
Get full text