{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T03:47:33Z","timestamp":1760586453787},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540770855"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-77086-2_25","type":"book-chapter","created":{"date-parts":[[2007,11,26]],"date-time":"2007-11-26T10:22:09Z","timestamp":1196072529000},"page":"277-291","source":"Crossref","is-referenced-by-count":3,"title":["Constructing a \u201cCommon Cross Site Scripting Vulnerabilities Enumeration (CXE)\u201d Using CWE and CVE"],"prefix":"10.1007","author":[{"given":"K.","family":"Sivakumar","sequence":"first","affiliation":[]},{"given":"K.","family":"Garg","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"25_CR1","doi-asserted-by":"crossref","unstructured":"Lucca, G.A., Fasolino, A.R., et al.: Identifying Cross Site Scripting Vulnerabilities in Web Applications. In: Proceedings of the Sixth IEEE International Workshop on Web Site Evolution, pp. 71\u201380","DOI":"10.1109\/WSE.2004.10013"},{"key":"25_CR2","doi-asserted-by":"publisher","first-page":"739","DOI":"10.1016\/j.comnet.2005.01.003","volume":"48","author":"Y. Huang","year":"2005","unstructured":"Huang, Y., Tsai, C., Lin, T., Huang, S., Kuo\u2019, D.T.: A testing framework for Web application, security assessment. Computer Networks\u00a048, 739\u2013761 (2005)","journal-title":"Computer Networks"},{"key":"25_CR3","unstructured":"McGraw, G., Chess, B., Tsipenyuk, K.: Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors. In: NIST Workshop on Software Security Assurance Tools, Techniques and Metrics, Long Beach, CA, (November 2005)"},{"key":"25_CR4","unstructured":"Martin, R.A., Christey, S., Jarzombek, J.: The Case for Common Flaw Enumeration. In: NIST Workshop on Software Security Assurance Tools, Techniques, and Metrics, Long Beach, CA (November 2005)"},{"key":"25_CR5","doi-asserted-by":"crossref","unstructured":"Weber, S., Karger, P.A., Paradkar, A.: A Software Flaw Taxonomy: Aiming Tools at Security. In: SESS 2005. ACM Software Engineering for Secure Systems - Building Trustworthy Applications, St. Louis, Missouri, USA (June 2004)","DOI":"10.1145\/1083200.1083209"},{"key":"25_CR6","unstructured":"Dehlinger, J., Feng, Q., Hu, L.: SSVChecker: Unifying Static Security Vulnerability Detection Tools in an Eclipse Plug-In. In: ETX 2006. Eclipse Technology Exchange Workshop at OOPSLA 2006, Portland (October 22-23, 2006)"},{"key":"25_CR7","unstructured":"The Software Assurance Metrics and Tool Evaluation (SAMATE) project, National Institute of Science and Technology (NIST), http:\/\/samate.nist.gov"},{"key":"25_CR8","unstructured":"The OMG Software Assurance (SwA) Special Interest Group, http:\/\/swa.omg.org"},{"key":"25_CR9","unstructured":"The Common Weaknesses Enumeration (CWE) Initiative, MITRE Corporation, http:\/\/cve.mitre.org\/cwe"},{"key":"25_CR10","unstructured":"The Preliminary List Of Vulnerability Examples for Researchers (PLOVER), MITRE Corporation, http:\/\/cve.mitre.org\/docs\/plover"},{"key":"25_CR11","unstructured":"The Common Vulnerabilities and Exposures (CVE) Initiative, MITRE Corporation, http:\/\/cve.mitre.org"},{"key":"25_CR12","unstructured":"OWASP Top Ten Most Critical Web Application Security Vulnerabilities, http:\/\/www.owasp.org\/documentation\/topten.html"},{"key":"25_CR13","unstructured":"Department of Homeland Security National Cyber Security Division\u2019s Build Security In (BSI) web site, http:\/\/buildsecurityin.us-cert.gov"},{"key":"25_CR14","unstructured":"Klein, A.: Cross Site Scripting Explained, Sanctum Security Group, http:\/\/www.crypto.stanford.edu\/cs155\/CSS.pdf"},{"key":"25_CR15","unstructured":"Endler, D.: The Evolution of Cross-Site Scripting Attacks iDEFENSE Labs, http:\/\/www.cgisecurity.com\/lib\/XSS.pdf"},{"key":"25_CR16","unstructured":"Spett, K.: Are your web applications vulnerable, http:\/\/www.spidynamics.com\/whitepapers\/SPIcross-sitescripting.pdf"},{"key":"25_CR17","unstructured":"Viega, J.: The CLASP Application Security Process, Secure Software, Inc., http:\/\/www.securesoftware.com"},{"key":"25_CR18","unstructured":"Mauw, S.: PHP vulnerabilities 2IF30. In: ECSS group, Eindhoven University of Technology, The Netherlands, http:\/\/www.win.tue.nl\/_ecss"},{"key":"25_CR19","unstructured":"Christey, S.M.: Vulnerability Type Distributions in CVE Document version: 1.0 (October 4, 2006), http:\/\/cve.mitre.org\/docs\/docs-06\/vuln-trends.html"},{"key":"25_CR20","unstructured":"Barnum, M.: Being Explicit About Security Weaknesses Robert"},{"key":"25_CR21","unstructured":"Managing Application Security in Business Processes, http:\/\/www.verisign.com\/managed-security-services\/information-security\/vulnerabilty-assessment\/index.html"},{"key":"25_CR22","unstructured":"Secunia vulnerability advisories Bugtraq, http:\/\/www.secunia.com"},{"key":"25_CR23","unstructured":"Vulnerability advisories, http:\/\/www.securityfocus.com"},{"key":"25_CR24","unstructured":"Certcoordination centre, http:\/\/www.cert.org"},{"key":"25_CR25","unstructured":"National Vulnerability Database, http:\/\/nvd.nist.gov"},{"key":"25_CR26","unstructured":"Common Vulnerability Scoring System, http:\/\/www.first.org\/cvss"},{"key":"25_CR27","unstructured":"Open Source Vulnerability Database, http:\/\/osvdb.org"}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-77086-2_25.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T10:58:14Z","timestamp":1619521094000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-77086-2_25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540770855"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-77086-2_25","relation":{},"subject":[]}}