{"id":"https://openalex.org/W4390817543","doi":"https://doi.org/10.3390/software3010002","title":"Automating SQL Injection and Cross-Site Scripting Vulnerability Remediation in Code","display_name":"Automating SQL Injection and Cross-Site Scripting Vulnerability Remediation in Code","publication_year":2024,"publication_date":"2024-01-12","ids":{"openalex":"https://openalex.org/W4390817543","doi":"https://doi.org/10.3390/software3010002"},"language":"en","primary_location":{"id":"doi:10.3390/software3010002","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software3010002","pdf_url":"https://www.mdpi.com/2674-113X/3/1/2/pdf?version=1706068977","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://www.mdpi.com/2674-113X/3/1/2/pdf?version=1706068977","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093712220","display_name":"Kedar Sambhus","orcid":"https://orcid.org/0009-0002-5779-1221"},"institutions":[{"id":"https://openalex.org/I100633361","display_name":"University of Massachusetts Dartmouth","ror":"https://ror.org/00fzmm222","country_code":"US","type":"education","lineage":["https://openalex.org/I100633361"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kedar Sambhus","raw_affiliation_strings":["Department of Computer and Information Science, University of Massachusetts Dartmouth, 285 Old Westport Road, Dartmouth, MA 02747, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Science, University of Massachusetts Dartmouth, 285 Old Westport Road, Dartmouth, MA 02747, USA","institution_ids":["https://openalex.org/I100633361"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100330500","display_name":"Yi Liu","orcid":"https://orcid.org/0000-0002-1571-5442"},"institutions":[{"id":"https://openalex.org/I100633361","display_name":"University of Massachusetts Dartmouth","ror":"https://ror.org/00fzmm222","country_code":"US","type":"education","lineage":["https://openalex.org/I100633361"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yi Liu","raw_affiliation_strings":["Department of Computer and Information Science, University of Massachusetts Dartmouth, 285 Old Westport Road, Dartmouth, MA 02747, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Science, University of Massachusetts Dartmouth, 285 Old Westport Road, Dartmouth, MA 02747, USA","institution_ids":["https://openalex.org/I100633361"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5100330500"],"corresponding_institution_ids":["https://openalex.org/I100633361"],"apc_list":null,"apc_paid":null,"fwci":4.871,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.94873057,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":"3","issue":"1","first_page":"28","last_page":"46"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9768000245094299,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.9303537011146545},{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.8608473539352417},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8275842666625977},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.6272430419921875},{"id":"https://openalex.org/keywords/code-refactoring","display_name":"Code refactoring","score":0.616877019405365},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.6082330346107483},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.6024800539016724},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.5229083895683289},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.5191537737846375},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.39728009700775146},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3949652910232544},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.39168429374694824},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3898985683917999},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3115275204181671},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.3107887804508209},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.30012303590774536},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.29109621047973633},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.1670967936515808},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.12702742218971252},{"id":"https://openalex.org/keywords/query-by-example","display_name":"Query by Example","score":0.08337247371673584}],"concepts":[{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.9303537011146545},{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.8608473539352417},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8275842666625977},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.6272430419921875},{"id":"https://openalex.org/C152752567","wikidata":"https://www.wikidata.org/wiki/Q116877","display_name":"Code refactoring","level":3,"score":0.616877019405365},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.6082330346107483},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.6024800539016724},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.5229083895683289},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5191537737846375},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.39728009700775146},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3949652910232544},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.39168429374694824},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3898985683917999},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3115275204181671},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.3107887804508209},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.30012303590774536},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.29109621047973633},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.1670967936515808},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.12702742218971252},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.08337247371673584},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/software3010002","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software3010002","pdf_url":"https://www.mdpi.com/2674-113X/3/1/2/pdf?version=1706068977","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:d15368cd3b3b49d2aaabb9481cd9ccc4","is_oa":true,"landing_page_url":"https://doaj.org/article/d15368cd3b3b49d2aaabb9481cd9ccc4","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Software, Vol 3, Iss 1, Pp 28-46 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/software3010002","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software3010002","pdf_url":"https://www.mdpi.com/2674-113X/3/1/2/pdf?version=1706068977","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6600000262260437}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4390817543.pdf"},"referenced_works_count":13,"referenced_works":["https://openalex.org/W2128962261","https://openalex.org/W2465737833","https://openalex.org/W2766780114","https://openalex.org/W2889140200","https://openalex.org/W2978958440","https://openalex.org/W2994922757","https://openalex.org/W3134974591","https://openalex.org/W3183235808","https://openalex.org/W3198611694","https://openalex.org/W3207472131","https://openalex.org/W3216878076","https://openalex.org/W4241796404","https://openalex.org/W7064508335"],"related_works":["https://openalex.org/W4312406950","https://openalex.org/W3188339517","https://openalex.org/W2611747598","https://openalex.org/W2549898710","https://openalex.org/W2166381878","https://openalex.org/W2070218579","https://openalex.org/W4316037345","https://openalex.org/W189846524","https://openalex.org/W4387982731","https://openalex.org/W4240401768"],"abstract_inverted_index":{"Internet-based":[0],"distributed":[1],"systems":[2],"dominate":[3],"contemporary":[4],"software":[5,14,33],"applications.":[6],"To":[7,48],"enable":[8],"these":[9,50,101],"applications":[10],"to":[11,38,123],"operate":[12],"securely,":[13],"developers":[15,27],"must":[16,28],"mitigate":[17],"the":[18,26,32,70,105,109],"threats":[19],"posed":[20],"by":[21,91,103],"malicious":[22],"actors.":[23],"For":[24],"instance,":[25],"identify":[29],"vulnerabilities":[30,76,102],"in":[31,77,96],"and":[34,45,54,68,84,131],"eliminate":[35],"them.":[36],"However,":[37],"do":[39],"so":[40],"manually":[41],"is":[42,89],"a":[43,62,92],"costly":[44],"time-consuming":[46],"process.":[47],"reduce":[49],"costs,":[51],"we":[52],"designed":[53],"implemented":[55],"Code":[56],"Auto-Remediation":[57],"for":[58],"Enhanced":[59],"Security":[60],"(CARES),":[61],"web":[63,79],"application":[64],"that":[65],"automatically":[66],"identifies":[67],"remediates":[69],"two":[71],"most":[72],"common":[73],"types":[74],"of":[75],"Java-based":[78],"applications:":[80],"SQL":[81],"injection":[82,126],"(SQLi)":[83],"Cross-Site":[85],"Scripting":[86],"(XSS).":[87],"As":[88],"shown":[90],"case":[93],"study":[94],"presented":[95],"this":[97],"paper,":[98],"CARES":[99,117],"mitigates":[100],"refactoring":[104],"Java":[106],"code":[107],"using":[108],"Intercepting":[110],"Filter":[111],"design":[112,118,129],"pattern.":[113],"The":[114],"flexible,":[115],"microservice-based":[116],"can":[119],"be":[120],"readily":[121],"extended":[122],"support":[124],"other":[125],"vulnerabilities,":[127],"remediation":[128],"patterns,":[130],"programming":[132],"languages.":[133]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":2}],"updated_date":"2025-12-21T01:58:51.020947","created_date":"2025-10-10T00:00:00"}