A Study of Existing Cross Site Scripting Detection and Prevention Techniques in Web Applications

Web Applications provide wide range of services to its users in an efficient manner. Web based attacks are increasing with the intent to harm the users or the reputation of particular organization. Most of these attacks occur through the exploitation of security vulnerabilities found in web applications. These vulnerabilities exists because developer focuses more on the development of the application rather than its security due to the time and budget constraints. Cross Site Scripting (XSS) is one of the major security vulnerability found in web applications. In 2013, XSS is ranked third among the top 10 list of attacks by OWASP (Open Web Application Security Project).XSS flaws occur whenever an application takes insecure data and sends it to the browser without proper validation or escaping. This can result in hijacking user session, defacing websites and redirecting the user to malicious sites. In this paper, we will study different existing techniques which can be used for detection and prevention of XSS attacks.