{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,23]],"date-time":"2026-03-23T11:11:05Z","timestamp":1774264265519,"version":"3.50.1"},"reference-count":84,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2026,3,21]],"date-time":"2026-03-21T00:00:00Z","timestamp":1774051200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Digital"],"abstract":"<jats:p>This study addresses a gap in the literature by explicitly linking responsive web design frameworks to concrete cybersecurity vulnerabilities, moving beyond traditional discussions of usability and device compatibility to incorporate security-by-design principles in contemporary frontend development. The research adopts a qualitative comparative approach and considers five widely used responsive design frameworks: Bootstrap, Tailwind CSS, Foundation, Pure CSS, and Skeleton. These frameworks were selected based on criteria such as maturity, adoption, and architectural diversity. Three research questions guide the analysis: the identification of cybersecurity risks associated with responsive design frameworks, the extent to which these risks vary across frameworks, and the mitigation strategies required to address them. The findings confirm that most critical vulnerabilities originate outside the frontend layer, reinforcing the separation between presentation and backend logic. However, the results demonstrate that frameworks significantly influence the security risk profile, particularly regarding cross-site scripting, dependency management, and configuration practices. Modern utility-first frameworks shift security concerns toward the build pipeline and toolchain, while minimalistic and abandoned frameworks introduce risks related to obsolescence and unpatched \u201cforever-day\u201d vulnerabilities. The study concludes that frontend security depends less on framework choice alone and more on governance, continuous maintenance, and the systematic adoption of secure development and DevSecOps practices.<\/jats:p>","DOI":"10.3390\/digital6010026","type":"journal-article","created":{"date-parts":[[2026,3,23]],"date-time":"2026-03-23T09:48:42Z","timestamp":1774259322000},"page":"26","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Security Risks in Responsive Web Design Frameworks"],"prefix":"10.3390","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6758-4843","authenticated-orcid":false,"given":"Fernando","family":"Almeida","sequence":"first","affiliation":[{"name":"Center of Innovation, Entrepreneurship and Technology (CITE), INESC TEC, 4200-465 Porto, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-9044-0555","authenticated-orcid":false,"given":"Carlos","family":"Sousa","sequence":"additional","affiliation":[{"name":"School of Science and Technology, ISPGAYA, 4400-103 V. N. Gaia, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2026,3,21]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"8176","DOI":"10.1016\/j.egyr.2021.08.126","article-title":"A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments","volume":"7","author":"Li","year":"2021","journal-title":"Energy Rep."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Aslan, \u00d6., Aktu\u011f, S.S., Ozkan-Okay, M., Yilmaz, A.A., and Akin, E. (2023). A Comprehensive Review of Cyber Security Vulnerabilities, Threats, Attacks, and Solutions. Electronics, 12.","DOI":"10.3390\/electronics12061333"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Andrade, R., Torres, J., and Ortiz-Garc\u00e9s, I. (2025). Enhancing Security in Software Design Patterns and Antipatterns: A Framework for LLM-Based Detection. Electronics, 14.","DOI":"10.3390\/electronics14030586"},{"key":"ref_4","first-page":"105933","article-title":"Shielding software systems: A comparison of security by design and privacy by design based on a systematic literature review","volume":"52","year":"2024","journal-title":"Comp. Law Sec. Rev."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"34","DOI":"10.37134\/jictie.vol8.2.4.2021","article-title":"Review on Confidentiality, Integrity and Availability in Information Security","volume":"8","author":"Zolkipli","year":"2021","journal-title":"J. ICT Educ."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"112144","DOI":"10.1016\/j.jss.2024.112144","article-title":"GDPR compliance via software evolution: Weaving security controls in software design","volume":"216","author":"Pasquale","year":"2024","journal-title":"J. Syst. Soft."},{"key":"ref_7","first-page":"1","article-title":"The Impact of GDPR on Global Technology Development","volume":"22","author":"Li","year":"2019","journal-title":"J. Glob. Inf. Technol. Manag."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Humayun, M., Niazi, M., Assiri, M., and Haoues, M. (2023). Secure Global Software Development: A Practitioners\u2019 Perspective. Appl. Sci., 13.","DOI":"10.3390\/app13042465"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Alnajrani, H.M., and Norman, A.A. (2020). The Effects of Applying Privacy by Design to Preserve Privacy and Personal Data Protection in Mobile Cloud Computing: An Exploratory Study. Symmetry, 12.","DOI":"10.3390\/sym12122039"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Salahdine, F., and Kaabouch, N. (2019). Social Engineering Attacks: A Survey. Future Internet, 11.","DOI":"10.3390\/fi11040089"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"103928","DOI":"10.1016\/j.ipm.2024.103928","article-title":"A comprehensive survey on social engineering attacks, countermeasures, case study, and research challenges","volume":"62","author":"Rathod","year":"2025","journal-title":"Inf. Process. Manag."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"1","DOI":"10.14763\/2025.4.2047","article-title":"Leveraging interdisciplinary methods for evidence collection in enforcement: Dark patterns as a case study","volume":"14","author":"Gunawan","year":"2025","journal-title":"Internet Policy Rev."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Di Nocera, F., Tempestini, G., and Orsini, M. (2023). Usable Security: A Systematic Literature Review. Information, 14.","DOI":"10.3390\/info14120641"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"91989","DOI":"10.1109\/ACCESS.2025.3572108","article-title":"An Interface Evaluation Model for Usability and Perceived Security","volume":"13","year":"2025","journal-title":"IEEE Access"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1145\/3282665.3282674","article-title":"Exploring usability and user-centered design through emergency management websites: Advocating responsive web design","volume":"6","author":"Cosgrove","year":"2018","journal-title":"Comm. Des. Q. Rev."},{"key":"ref_16","first-page":"3973","article-title":"The Future of Responsive Web Design: Challenges and Opportunities in Multi-Device Compatibility","volume":"12","author":"Kaur","year":"2024","journal-title":"Int. J. Res. Appl. Sci."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Chen, Z., and Lee, J. (2025). The Influence of UI Design Attributes and Users\u2019 Uncertainty Avoidance on Stickiness of the Young Elderly Toward mHealth Applications. Behav. Sci., 15.","DOI":"10.3390\/bs15050581"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1080\/10447318.2020.1805876","article-title":"Unifying Functional User Interface Design Principles","volume":"37","author":"Ruiz","year":"2021","journal-title":"Int. J. Hum. Comput. Interact."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1162\/desi.2008.24.3.85","article-title":"User Interface Design Principles for Interaction Design","volume":"24","author":"Zender","year":"2008","journal-title":"Des. Issues"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Musulin, J., and Strahonja, V. (2023). User Experience, Business Models, and Service Design in Concert: Towards a General Methodological Framework for Value Proposition Enhancement. Sustainability, 15.","DOI":"10.3390\/su151612509"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Luther, L., Tiberius, V., and Brem, A. (2020). User Experience (UX) in Business, Management, and Psychology: A Bibliometric Mapping of the Current State of Research. Multimodal Technol. Interact., 4.","DOI":"10.3390\/mti4020018"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"103569","DOI":"10.1016\/j.ijhcs.2025.103569","article-title":"Design approaches to improve user experience: An example of a mobile app prototyping process","volume":"203","author":"Ilhan","year":"2025","journal-title":"Int. J. Hum. Comput. Stud."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Veigas, N.J., Shah, R.D., Shetty, D.K., Thomas, T., Bhatta, S.R., and Panwar, N. (2023). A Comprehensive Analysis of the User Experience in Digital Platforms Concerning the Practice of Nudging User Behaviour. Eng. Proc., 59.","DOI":"10.3390\/engproc2023059002"},{"key":"ref_24","first-page":"101662","article-title":"Identifying interface design factors impacting user experience in digital learning platforms- A pilot study","volume":"11","author":"Syamala","year":"2025","journal-title":"Soc. Sci. Hum. Open"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Gao, J., Jia, W., and Yin, J. (2024). Exploring Smartphone User Interface Experience-Sharing Behavior: Design Perception and Motivation-Driven Mechanisms through the SOR Model. Sustainability, 16.","DOI":"10.3390\/su16156670"},{"key":"ref_26","first-page":"102","article-title":"Exploring the Nexus of User Interface (UI) and User Experience (UX) in the Context of Emerging Trends and Customer Experience, Human Computer Interaction, Applications of Artificial Intelligence","volume":"5","author":"Paneru","year":"2024","journal-title":"Int. J. Inform. Inf. Syst. Comp. Eng."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"tyaf005","DOI":"10.1093\/cybsec\/tyaf005","article-title":"Software security in practice: Knowledge and motivation","volume":"11","author":"Assal","year":"2025","journal-title":"J. Cybersecur."},{"key":"ref_28","first-page":"292","article-title":"Agile Software Development with Secure and Scrum-Centric Approach","volume":"15","year":"2024","journal-title":"Acad. J. Inf. Technol."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Hassan, Y., Ghazal, T.M., Yasir, S., Al-Adwan, A.S., Younes, S.S., Albahar, M.A., Ahmad, M., and Ikram, A. (2025). Exploring the Mediating Role of Information Security Culture in Enhancing Sustainable Practices Through Integrated Systems Infrastructure. Sustainability, 17.","DOI":"10.3390\/su17020687"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"102020","DOI":"10.1016\/j.cose.2020.102020","article-title":"When believing in technology leads to poor cyber security: Development of a trust in technical controls scale","volume":"98","author":"Butavicius","year":"2020","journal-title":"Comput. Sec."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"e1","DOI":"10.4108\/eetcs.v7i23.3011","article-title":"Application Programming Interface (API) Security in Cloud Applications","volume":"7","author":"Qazi","year":"2023","journal-title":"EAI Endorsed Trans. Cloud Syst."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"1","DOI":"10.36676\/j.sust.sol.v2.i1.53","article-title":"Development of Secure API Gateways for Cloud Services","volume":"2","author":"Bhavandla","year":"2025","journal-title":"J. Sustain. Solut."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"422","DOI":"10.3390\/network3030018","article-title":"An Analysis of Cloud Security Frameworks, Problems and Proposed Solutions","volume":"3","author":"Chauhan","year":"2023","journal-title":"Network"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Alghofaili, Y., Albattah, A., Alrajeh, N., Rassam, M.A., and Al-rimy, B.A.S. (2021). Secure Cloud Infrastructure: A Survey on Issues, Current Solutions, and Open Challenges. Appl. Sci., 11.","DOI":"10.3390\/app11199005"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"1","DOI":"10.14763\/2017.1.443","article-title":"Fostering a cyber security mindset","volume":"6","author":"Dutton","year":"2017","journal-title":"Internet Policy Rev."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"1640","DOI":"10.1057\/s41284-024-00435-3","article-title":"Digital security by design","volume":"37","author":"Radanliev","year":"2024","journal-title":"Secur. J."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"107727","DOI":"10.1016\/j.infsof.2025.107727","article-title":"A systematic literature review of agile software development projects","volume":"182","author":"Rath","year":"2025","journal-title":"Inf. Softw. Technol."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"95613","DOI":"10.1109\/ACCESS.2024.3384410","article-title":"Factors Affecting Agile Software Project Success","volume":"12","author":"Binboga","year":"2024","journal-title":"IEEE Access"},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"509","DOI":"10.1016\/j.cose.2009.04.006","article-title":"Human and organizational factors in computer and information security: Pathways to vulnerabilities","volume":"28","author":"Kraemer","year":"2009","journal-title":"Comput. Secur."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"843","DOI":"10.1080\/13669877.2025.2539109","article-title":"Human behavior in cybersecurity: An opportunity for risk research","volume":"28","author":"Schaltegger","year":"2025","journal-title":"J. Risk Res."},{"key":"ref_41","first-page":"53","article-title":"User Risky Behavior and Security Awareness through Lifespan","volume":"9","author":"Velki","year":"2019","journal-title":"Int. J. Electr. Comput. Eng. Syst."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Pugnetti, C., Bj\u00f6rck, A., Sch\u00f6nauer, R., and Casi\u00e1n, C. (2024). Towards Diagnosing and Mitigating Behavioral Cyber Risks. Risks, 12.","DOI":"10.3390\/risks12070116"},{"key":"ref_43","first-page":"100031","article-title":"Cyber security: State of the art, challenges and future directions","volume":"2","author":"Admass","year":"2024","journal-title":"Cyber Secur. Appl."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"220","DOI":"10.14254\/2071-8330.2024\/17-2\/12","article-title":"Cybersecurity and cybercrime: Current trends and threats","volume":"17","author":"Kuzior","year":"2024","journal-title":"J. Int. Stud."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"100634","DOI":"10.1016\/j.cosrev.2024.100634","article-title":"Twenty-two years since revealing cross-site scripting attacks: A systematic mapping and a comprehensive survey","volume":"52","author":"Hannousse","year":"2024","journal-title":"Comput. Sci. Rev."},{"key":"ref_46","first-page":"126","article-title":"Cross-Site Scripting Attacks and Defensive Techniques: A Comprehensive Survey","volume":"15","author":"Weamie","year":"2022","journal-title":"Int. J. Comm. Netw. Syst. Sci."},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Rodr\u00edguez-Gal\u00e1n, G., Benavides-Astudillo, E., Nu\u00f1ez-Agurto, D., Puente-Ponce, P., C\u00e1rdenas-Delgado, S., and Loacham\u00edn-Valencia, M. (2025). Strategies and Challenges in Detecting XSS Vulnerabilities Using an Innovative Cookie Collector. Future Internet, 17.","DOI":"10.3390\/fi17070284"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1016\/j.procs.2023.10.506","article-title":"Study of Cross-Site Request Forgery on Web-Based Application: Exploitations and Preventions","volume":"227","author":"Siahaan","year":"2023","journal-title":"Procedia Comput. Sci."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"823","DOI":"10.3390\/jcp4040039","article-title":"Enhancing Cybersecurity through Comprehensive Investigation of Data Flow-Based Attack Scenarios","volume":"4","author":"Imtiaz","year":"2024","journal-title":"J. Cybersecur. Priv."},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"781","DOI":"10.1016\/j.procs.2022.12.080","article-title":"Authentication and Authorization in Modern Web Apps for Data Security Using Nodejs and Role of Dark Web","volume":"215","author":"Pant","year":"2022","journal-title":"Procedia Comput. Sci."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Zhu, D., Zhou, Z., Li, Y., Zhang, H., Chen, Y., Zhao, Z., and Zheng, J. (2025). A Survey of Data Security Sharing. Symmetry, 17.","DOI":"10.3390\/sym17081259"},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"987","DOI":"10.1080\/13669877.2020.1779786","article-title":"A risk management framework for security and integrity of networks and services","volume":"24","author":"Mayer","year":"2021","journal-title":"J. Risk Res."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"29","DOI":"10.54097\/k5djs164","article-title":"API Common Security Threats and Security Protection Strategies","volume":"10","author":"Zhao","year":"2024","journal-title":"Front. Comput. Intell. Syst."},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"40128","DOI":"10.1109\/ACCESS.2023.3266385","article-title":"Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art","volume":"11","author":"Fadlalla","year":"2023","journal-title":"IEEE Access"},{"key":"ref_55","first-page":"54","article-title":"Analysis and Comparison of Access Control Policies Validation Mechanisms","volume":"7","author":"Aqib","year":"2015","journal-title":"Int. J. Comput. Netw. Inf. Sec."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"100692","DOI":"10.1016\/j.cosrev.2024.100692","article-title":"A comprehensive review on Software-Defined Networking (SDN) and DDoS attacks: Ecosystem, taxonomy, traffic engineering, challenges and research directions","volume":"55","author":"Kaur","year":"2025","journal-title":"Comput. Sci. Rev."},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1177\/1550147717741463","article-title":"A survey of distributed denial-of-service attack, prevention, and mitigation techniques","volume":"13","author":"Mahjabin","year":"2017","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"324","DOI":"10.3390\/jcp4020016","article-title":"Understanding and Classifying Permanent Denial-of-Service Attacks","volume":"4","author":"Abaimov","year":"2024","journal-title":"J. Cybersecur. Priv."},{"key":"ref_59","unstructured":"Kramer, N. (2026, January 03). Top 10 Front-End Frameworks for Responsive Design 2024. Available online: https:\/\/daily.dev\/blog\/top-10-front-end-frameworks-for-responsive-design-2024."},{"key":"ref_60","unstructured":"Haq, A. (2026, January 03). 8 Must-Know Best Practices for Responsive Web Design in 2024. Available online: https:\/\/iexperto.io\/blog\/responsive-web-design-best-practices\/."},{"key":"ref_61","first-page":"209","article-title":"Script-templates for the Content Security Policy","volume":"19","author":"Johns","year":"2014","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3149408","article-title":"Semantics-Based Analysis of Content Security Policy Deployment","volume":"12","author":"Calzavara","year":"2018","journal-title":"ACM Trans. Web"},{"key":"ref_63","unstructured":"(2026, January 08). Content Security Policy (CSP). Available online: https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Guides\/CSP."},{"key":"ref_64","unstructured":"Zhuk, O. (2026, January 08). Securing Your E-Commerce Site: A Guide to CSP, Security Headers, and Best Practices. Available online: https:\/\/www.virtocommerce.org\/t\/securing-your-e-commerce-site-a-guide-to-csp-security-headers-and-best-practices\/768."},{"key":"ref_65","unstructured":"(2026, January 08). Subresource Integrity (SRI) Implementation. Available online: https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Security\/Practical_implementation_guides\/SRI."},{"key":"ref_66","doi-asserted-by":"crossref","first-page":"67","DOI":"10.1016\/j.future.2020.03.033","article-title":"A methodology for conducting efficient sanitization of HTTP training datasets","volume":"109","author":"Estepa","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_67","unstructured":"Sasser, D.T. (2026, January 08). Navigating the Security Risks of Arbitrary Values in Tailwind CSS. Available online: https:\/\/dev.to\/dansasser\/navigating-the-security-risks-of-arbitrary-values-in-tailwind-css-59jj."},{"key":"ref_68","unstructured":"(2026, January 08). A High Severity Vulnerability in Glob Utilized by TailwindCSS 3. Available online: https:\/\/github.com\/tailwindlabs\/tailwindcss\/issues\/19327."},{"key":"ref_69","unstructured":"Gualtieri, M. (2026, January 08). Stealing Data With CSS: Attack and Defense. Available online: https:\/\/www.mike-gualtieri.com\/posts\/stealing-data-with-css-attack-and-defense\/."},{"key":"ref_70","unstructured":"(2026, January 08). Securing Cascading Style Sheets Cheat Sheet. Available online: https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Securing_Cascading_Style_Sheets_Cheat_Sheet.html."},{"key":"ref_71","first-page":"122","article-title":"Vulnerabilities of Web Applications: Good Practices and New Trends","volume":"3","author":"Nawrocki","year":"2024","journal-title":"Appl. Cybersecur. Internet Gov."},{"key":"ref_72","first-page":"779","article-title":"Security of Backend Systems: Advanced Methods Ensuring Data Protection","volume":"7","author":"Machekhin","year":"2024","journal-title":"Int. J. Sci. Res. Eng. Dev."},{"key":"ref_73","unstructured":"Stralenia, S. (2026, January 20). 5 Typical Security Issues Every Backend Has. Available online: https:\/\/medium.com\/@sergeistralenia\/5-typical-security-issues-every-backend-has-8b4b751114a9."},{"key":"ref_74","doi-asserted-by":"crossref","first-page":"716","DOI":"10.1016\/j.dcan.2022.09.024","article-title":"Detection and defending the XSS attack using novel hybrid stacking ensemble learning-based DNN approach","volume":"10","author":"Krishnan","year":"2024","journal-title":"Digit. Commun. Netw."},{"key":"ref_75","doi-asserted-by":"crossref","unstructured":"Li, Z., Liu, F., Gu, Z., and Liu, Y. (2025). XSS Attack Detection Method Based on CNN-BiLSTM-Attention. Appl. Sci., 15.","DOI":"10.3390\/app15168924"},{"key":"ref_76","first-page":"104324","article-title":"Software supply chain: A taxonomy of attacks, mitigations and risk assessment strategies","volume":"97","author":"Gokkaya","year":"2026","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_77","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1007\/s10207-024-00914-z","article-title":"DevSecOps practices and tools","volume":"24","author":"Prates","year":"2025","journal-title":"Int. J. Inf. Secur."},{"key":"ref_78","doi-asserted-by":"crossref","unstructured":"Mohammed, K.I., Shanmugam, B., and El-Den, J. (2025). Evolution of DevSecOps and Its Influence on Application Security: A Systematic Literature Review. Technologies, 13.","DOI":"10.3390\/technologies13120548"},{"key":"ref_79","doi-asserted-by":"crossref","unstructured":"Adewumi, A., Misra, S., and Dama\u0161evi\u010dius, R. (2019). A Complexity Metrics Suite for Cascading Style Sheets. Computers, 8.","DOI":"10.3390\/computers8030054"},{"key":"ref_80","unstructured":"Coyler, C. (2026, January 22). CSS Security Vulnerabilities. Available online: https:\/\/css-tricks.com\/css-security-vulnerabilities\/."},{"key":"ref_81","unstructured":"Mirzaei, O. (2026, January 22). Abusing with Style: Leveraging Cascading Style Sheets for Evasion and Tracking. Available online: https:\/\/blog.talosintelligence.com\/css-abuse-for-evasion-and-tracking\/."},{"key":"ref_82","doi-asserted-by":"crossref","unstructured":"Peppes, N., Alexakis, T., Adamopoulou, E., and Demestichas, K. (2023). The Effectiveness of Zero-Day Attacks Data Samples Generated via GANs on Deep Learning Classifiers. Sensors, 23.","DOI":"10.3390\/s23020900"},{"key":"ref_83","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1007\/s10207-025-01061-9","article-title":"Identifying factors influencing the duration of zero-day vulnerabilities","volume":"24","author":"Roumani","year":"2025","journal-title":"Int. J. Inf. Secur."},{"key":"ref_84","unstructured":"Galloway, L.A. (2026, January 22). Forever Day: The Threat That Never Ends. Available online: https:\/\/www.infosecurity-magazine.com\/opinions\/forever-day-threat\/."}],"container-title":["Digital"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2673-6470\/6\/1\/26\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,23]],"date-time":"2026-03-23T10:27:03Z","timestamp":1774261623000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2673-6470\/6\/1\/26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,21]]},"references-count":84,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,3]]}},"alternative-id":["digital6010026"],"URL":"https:\/\/doi.org\/10.3390\/digital6010026","relation":{},"ISSN":["2673-6470"],"issn-type":[{"value":"2673-6470","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,21]]}}}