Open AccessA Study of Ajax Template Injection in Web Applications
Author(s) -
Avijit Das Noyon,
Yeahia Md Abid,
Mohamed H. Hassan,
Md. Hasan Sharif,
Fabiha Nawar Deepa,
Rayhanul Islam Rumel,
Rafita Haque,
Samia Nasrin,
M. Robih Thuluz Zaman
Publication year - 2018
Publication title -
international journal of engineering and technology
Language(s) - English
Resource type - Journals
ISSN - 2227-524X
DOI - 10.14419/ijet.v7i3.13.16337
Subject(s) - ajax , web application , computer security , computer science , vulnerability (computing) , world wide web , web application security , web page , web 2.0 , web development
Cyber-attacks are becoming increasingly frequent, causing a lot of damage. Cyber-attacks have crippled our economic infrastructure both directly and indirectly. Attackers steal our valuable data by compromising web application security loopholes. Developers can prevent cyber-attacks using latest web technologies. Since web technologies are becoming more secure, cyber attackers are getting more incursive to find out the zero day vulnerability of the targeted system to breach the security. Nowadays most damaging attacks are done using zero-day vulnerability. An Ajax template injection is such an attack: An unauthenticated attacker dumps database table credentials by intercepting server response. Owing to the damage caused by an Ajax template injection, it can be counted among the OWASP top ten web application vulnerabilities in the near future. This paper discusses the idea of an Ajax template injection and its impact on Ajax-based web applications. This paper also provides statistical data about the percentage of Ajax-based web application vulnerabilities in Bangladesh.