{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T18:40:11Z","timestamp":1775673611082,"version":"3.50.1"},"reference-count":44,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"funder":[{"name":"Guangzhou Municipal Universities","award":["1201620342"],"award-info":[{"award-number":["1201620342"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2019]]},"DOI":"10.1109\/access.2019.2960449","type":"journal-article","created":{"date-parts":[[2019,12,17]],"date-time":"2019-12-17T21:02:17Z","timestamp":1576616537000},"page":"182004-182016","source":"Crossref","is-referenced-by-count":71,"title":["A Survey of Exploitation and Detection Methods of XSS Vulnerabilities"],"prefix":"10.1109","volume":"7","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2259-9782","authenticated-orcid":false,"given":"Miao","family":"Liu","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1604-0552","authenticated-orcid":false,"given":"Boyu","family":"Zhang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7642-7279","authenticated-orcid":false,"given":"Wenbin","family":"Chen","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1302-440X","authenticated-orcid":false,"given":"Xunlai","family":"Zhang","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.17485\/ijst\/2015\/v8i30\/86055"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2373377"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.3745\/JIPS.03.0079"},{"key":"ref32","first-page":"946","article-title":"DexterJS: Robust testing platform for DOM-based XSS vulnerabilities","author":"parameshwaran","year":"2015","journal-title":"Proc 10th Joint Meeting Found Softw Eng"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.5220\/0005650100150025"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978384"},{"key":"ref37","first-page":"1","article-title":"Client-side automated sanitizer for cross-site scripting vulnerabilities","volume":"121","author":"patil","year":"2015","journal-title":"Int J Comput Appl"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2881070"},{"key":"ref35","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1016\/j.jpdc.2017.07.006","article-title":"TT-XSS: A novel taint tracking based dynamic detection framework for DOM cross-site scripting","volume":"118","author":"wang","year":"2018","journal-title":"J Parallel Distrib Comput"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/3194452.3194469"},{"key":"ref10","year":"2011","journal-title":"Analysis of Sina Weibo Attacked by XSS"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2015.11.001"},{"key":"ref11","year":"2014","journal-title":"TweetDeck Taken Down in Wake of XSS Attacks"},{"key":"ref12","year":"2010","journal-title":"Twitter Hit by XSS Attack"},{"key":"ref13","year":"2005","journal-title":"Cross-Site Scripting Worm Hits MySpace"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516708"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2993600.2993606"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2016.05.211"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/ICS.2016.0060"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/QRS.2017.46"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/s11042-016-3735-1"},{"key":"ref28","first-page":"59","article-title":"PHP-sensor: A prototype method to discover workflow violation and XSS vulnerabilities in PHP Web applications","author":"gupta","year":"2015","journal-title":"Proc 12th ACM Int Conf Comput"},{"key":"ref4","year":"2015","journal-title":"Baidu Post Bar XSS Worm Crawling a Lot"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/MOBISECSERV.2015.7072878"},{"key":"ref3","year":"2006","journal-title":"Account Hijackings Force LiveJournal Changes"},{"key":"ref6","year":"2017","journal-title":"XSS Found in Silently Installed Acrobat Chrome Extension"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.53"},{"key":"ref5","year":"2016","journal-title":"A Tale of eBay XSS and Shoddy Incident Response"},{"key":"ref8","year":"2016","journal-title":"Security Advisory Stored XSS in Magento"},{"key":"ref7","year":"2015","journal-title":"AVG Chrome Extension Exposes User Data"},{"key":"ref2","volume":"23","year":"2018","journal-title":"ISTRInternet Security Threat Report"},{"key":"ref9","year":"2011","journal-title":"One of World&#x2019;s Largest Websites Hacked Turns Visitors into &#x2019;DDoS Zombies"},{"key":"ref1","year":"2018","journal-title":"Top 10 2017 - OWASP"},{"key":"ref20","first-page":"6","article-title":"Discovering vulnerabilities using data-flow analysis and machine learning","author":"kronjee","year":"2018","journal-title":"Proc 13th Int Conf Avail Reli Secur"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2014.32"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-13-6052-7_41"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2017.11"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2013.6671300"},{"key":"ref41","first-page":"1","article-title":"Web Security: Detection of cross site scripting in PHP Web application using genetic algorithm","volume":"8","author":"marashdih","year":"2017","journal-title":"International Journal on Advanced Computing & Science (IJACSA"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516703"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/CAIPT.2017.8320672"},{"key":"ref26","first-page":"655","article-title":"Precise client-side protection against DOM-based cross-site scripting","author":"stock","year":"2014","journal-title":"Proc Conf USENIX Security Symp"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/2995959.2995966"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/2557547.2557550"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/8600701\/08935148.pdf?arnumber=8935148","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T09:13:27Z","timestamp":1643274807000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8935148\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"references-count":44,"URL":"https:\/\/doi.org\/10.1109\/access.2019.2960449","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]}}}