| 摘要 |
A system and program product are described herein for various techniques for detecting a persistent cross-site scripting vulnerability are described herein. In one example, the techniques include detecting, via the processor, a read operation executed on a resource using an instrumentation mechanism and returning, via the processor, a malicious script in response to the read operation. The techniques also include detecting, via the processor, a write operation executed on the resource using the instrumentation mechanism and detecting, via the processor, a script operation executed by the malicious script that results in resource data being sent to an external computing device from a client device. Furthermore, the techniques include receiving, via the processor, metadata indicating the execution of the read operation, the write operation, and the script operation. |
