Cross-site Scripting Reflected as A Risk High-Level Attack on University Website
DOI:
https://doi.org/10.62711/ijite.v1i3.65Keywords:
Cross-site scripting, University, Manado State UniversityAbstract
The era of digitalization is an era where information can be exchanged quickly and easily. This has contributed to improving the standard of human life for the better in all areas of life. The web is a technological innovation that changes the provision of information, services, and displays significantly. This allows for better interaction between service providers and their users. In general, universities use the website as a medium of information and media to support lecture activities and as campus promotions. However, many websites at universities do not yet have a strong level of security or protection, giving rise to opportunities for theft and manipulation of university data. XSS is an attack by inserting malicious code in the form of javascript through the input form that aims to steal cookies and then use these cookies to enter the web legally. The purpose of this study is to find out what risks will be posed by XSS to the website, especially the website used by Manado State University. This research method is carried out in 4 stages, namely software installation, vulnerability testing, presentation of the results of testing and solutions for website vulnerabilities.The results obtained through this study contained several vulnerabilities on Manado State University website which were obtained using OWASP tools. In addition to obtaining vulnerabilities on the website, solutions are also provided to overcome these vulnerabilities.