Abstract

Web apps hold important information, such as login tokens and individual data, and cybercriminals repeatedly target attackers. Cross-site scripting is one of the most frequent vulnerabilities in web apps. Several techniques and patents are used to mitigate these vulnerabilities. Several 100 articles from a review of research papers published between 2005 and 2023 were considered. This paper reviewed different techniques and tools to detect cross-site scripting attacks, and it will be helpful to understand, analyze, and develop a strategy to deal with them. This paper focuses on different methods and tools for identifying cross-site scripting (XSS) attacks. Also, it depicts the strengths and shortcomings of the existing proposed method. Additionally, it will help to understand existing open issues or challenges faced by previous researchers.

Keywords: Cross-site scripting attack, web application, intrusion detection, web security, application vulnerabilities, stored attack, reflected attack, dom attack.