Floragasse 7 – 5th floor, 1040 Vienna


CST team @ ICTSS2016

Kristoffer Kleine and Bernhard Garn presented the paper „A Combinatorial Approach to Analyzing Cross-Site Scripting (XSS) Vulnerabilities in Web Application Security Testing” at ICTSS 2016 taking place October 17 – 19 2016, in Graz.

This work is a joint contribution between SBA Research (Dimitris E. Simos, Kristoffer Kleine  and Bernhard Garn) with the University of Texas at Arlington (Laleh Shikh Gholamhossein Ghandehari and Yu Lei) and represents a novel combination of CT with fault-localization techniques to find the root cause of XSS vulnerabilities. As XSS remains in the top web application security risks and this work paves the way for a fully automated analysis of security vulnerabilities of web applications, it is a further strengthening of CST.