{"id":"https://openalex.org/W7077058233","doi":"https://doi.org/10.5281/zenodo.15883603","title":"SWIPE: DOM-XSS analysis infrastructure","display_name":"SWIPE: DOM-XSS analysis infrastructure","publication_year":2025,"publication_date":"2025-07-14","ids":{"openalex":"https://openalex.org/W7077058233","doi":"https://doi.org/10.5281/zenodo.15883603"},"language":"en","primary_location":{"id":"doi:10.5281/zenodo.15883603","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.15883603","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"other","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.5281/zenodo.15883603","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Sabino, Nuno","orcid":"https://orcid.org/0000-0001-6302-477X"},"institutions":[{"id":"https://openalex.org/I4387152517","display_name":"Instituto Superior T\u00e9cnico","ror":"https://ror.org/03db2by73","country_code":"PT","type":"education","lineage":["https://openalex.org/I141596103","https://openalex.org/I4387152517"]},{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["PT","US"],"is_corresponding":true,"raw_author_name":"Sabino, Nuno","raw_affiliation_strings":["Carnegie Mellon University","Instituto Superior T\u00e9cnico"],"raw_orcid":"https://orcid.org/0000-0001-6302-477X","affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Instituto Superior T\u00e9cnico","institution_ids":["https://openalex.org/I4387152517"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Cassel, Darion","orcid":"https://orcid.org/0000-0002-7898-966X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Cassel, Darion","raw_affiliation_strings":[],"raw_orcid":"https://orcid.org/0000-0002-7898-966X","affiliations":[]},{"author_position":"middle","author":{"id":null,"display_name":"Abreu, Rui","orcid":"https://orcid.org/0000-0003-3734-3157"},"institutions":[{"id":"https://openalex.org/I182534213","display_name":"Universidade do Porto","ror":"https://ror.org/043pwc612","country_code":"PT","type":"education","lineage":["https://openalex.org/I182534213"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Abreu, Rui","raw_affiliation_strings":["University of Porto"],"raw_orcid":"https://orcid.org/0000-0003-3734-3157","affiliations":[{"raw_affiliation_string":"University of Porto","institution_ids":["https://openalex.org/I182534213"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Ad\u00e3o, Pedro","orcid":"https://orcid.org/0000-0002-4049-1954"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ad\u00e3o, Pedro","raw_affiliation_strings":[],"raw_orcid":"https://orcid.org/0000-0002-4049-1954","affiliations":[]},{"author_position":"middle","author":{"id":null,"display_name":"Bauer, Lujo","orcid":"https://orcid.org/0000-0002-8209-6792"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bauer, Lujo","raw_affiliation_strings":["Carnegie Mellon University"],"raw_orcid":"https://orcid.org/0000-0002-8209-6792","affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"last","author":{"id":null,"display_name":"Jia, Limin","orcid":"https://orcid.org/0000-0002-8160-349X"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jia, Limin","raw_affiliation_strings":["Carnegie Mellon University"],"raw_orcid":"https://orcid.org/0000-0002-8160-349X","affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I4387152517","https://openalex.org/I74973139"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":true,"primary_topic":{"id":"https://openalex.org/T12157","display_name":"Geochemistry and Geologic Mapping","score":0.3864000141620636,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12157","display_name":"Geochemistry and Geologic Mapping","score":0.3864000141620636,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13177","display_name":"Geological and Geophysical Studies","score":0.04969999939203262,"subfield":{"id":"https://openalex.org/subfields/1907","display_name":"Geology"},"field":{"id":"https://openalex.org/fields/19","display_name":"Earth and Planetary Sciences"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13067","display_name":"Geological Modeling and Analysis","score":0.03139999881386757,"subfield":{"id":"https://openalex.org/subfields/1906","display_name":"Geochemistry and Petrology"},"field":{"id":"https://openalex.org/fields/19","display_name":"Earth and Planetary Sciences"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/swipe","display_name":"SwIPe","score":0.9907000064849854},{"id":"https://openalex.org/keywords/artifact","display_name":"Artifact (error)","score":0.628000020980835},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.47209998965263367},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.3659000098705292},{"id":"https://openalex.org/keywords/baseline","display_name":"Baseline (sea)","score":0.35339999198913574},{"id":"https://openalex.org/keywords/cryptographic-nonce","display_name":"Cryptographic nonce","score":0.34779998660087585}],"concepts":[{"id":"https://openalex.org/C2779623668","wikidata":"https://www.wikidata.org/wiki/Q7652842","display_name":"SwIPe","level":2,"score":0.9907000064849854},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7470999956130981},{"id":"https://openalex.org/C2779010991","wikidata":"https://www.wikidata.org/wiki/Q2720909","display_name":"Artifact (error)","level":2,"score":0.628000020980835},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.47209998965263367},{"id":"https://openalex.org/C121684516","wikidata":"https://www.wikidata.org/wiki/Q7600677","display_name":"Computer graphics (images)","level":1,"score":0.4410000145435333},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.3659000098705292},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3601999878883362},{"id":"https://openalex.org/C12725497","wikidata":"https://www.wikidata.org/wiki/Q810247","display_name":"Baseline (sea)","level":2,"score":0.35339999198913574},{"id":"https://openalex.org/C9996903","wikidata":"https://www.wikidata.org/wiki/Q1749235","display_name":"Cryptographic nonce","level":3,"score":0.34779998660087585},{"id":"https://openalex.org/C36464697","wikidata":"https://www.wikidata.org/wiki/Q451553","display_name":"Visualization","level":2,"score":0.3278999924659729},{"id":"https://openalex.org/C2781324535","wikidata":"https://www.wikidata.org/wiki/Q720106","display_name":"Scroll","level":2,"score":0.30970001220703125},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.30309998989105225},{"id":"https://openalex.org/C171078966","wikidata":"https://www.wikidata.org/wiki/Q111029","display_name":"Root (linguistics)","level":2,"score":0.2858999967575073},{"id":"https://openalex.org/C115961682","wikidata":"https://www.wikidata.org/wiki/Q860623","display_name":"Image (mathematics)","level":2,"score":0.2655999958515167},{"id":"https://openalex.org/C2781078984","wikidata":"https://www.wikidata.org/wiki/Q107205","display_name":"Mega-","level":2,"score":0.2621999979019165}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.5281/zenodo.15883603","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.15883603","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.5281/zenodo.15883603","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.15883603","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6619025468826294,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"SWIPE":[0,102,113,168,195,303,396,404,548,593,605,640,752,855,858,1196,1224,1354,1405,1428],"This":[1,70,208,1078,1119],"is":[2,72,121,130,158,191,225,319,342,464,516,549,580,638,791,826,831,866,874,915,974,994,1001,1079,1191,1239,1376],"the":[3,12,32,75,138,153,156,165,183,189,194,198,230,235,286,296,305,309,313,392,403,422,430,441,455,491,496,500,510,514,528,541,570,577,583,612,616,625,647,651,666,679,747,770,778,798,829,864,877,902,907,932,948,952,984,1012,1031,1038,1042,1051,1059,1067,1071,1075,1089,1096,1100,1109,1114,1126,1129,1134,1149,1170,1189,1193,1209,1231,1237,1265,1275,1314,1339,1362,1369,1402,1407,1410,1419,1425,1433],"artifact":[4,71,139],"for":[5,59,212,290,576,595,887],"SWIPE,":[6],"a":[7,23,142,161,180,215,263,281,361,385,400,437,487,506,643,754,765,773,781,803,819,822,838,849,871,893,913,997,1080,1086,1144,1335,1414],"DOM-XSS":[8,79,327,372],"analysis":[9],"infrastructure":[10],"comprising":[11],"following":[13,199,236,799,933,1090],"components:":[14],"-":[15,25,38,48,329,347,367,397,414,434,458,485,520,547,566,592,603,635,801,833,891,911,943,966,987,1003,1021,1033,1045,1062,1092,1103,1106,1138,1221,1234,1243,1250,1304,1351,1372,1380,1387,1421],"Passive:":[16],"The":[17,323,945,960,968,989,1005,1023,1035,1181],"baseline":[18],"replicating":[19],"passive":[20],"navigation":[21],"on":[22,31,160,171,214,440,600,876,906,1309],"page":[24,162,265,283,306,318,324,345,563],"Fuzzer:":[26,1382],"It":[27],"simulates":[28],"user":[29],"interactions":[30],"webpage":[33,289],"once":[34],"it":[35,224,341,359,383,426,825,937],"finishes":[36],"loading":[37],"DSE:":[39,1245],"A":[40,50,368,657,1047,1064],"symbolic":[41,276],"execution":[42,277],"engine":[43],"that":[44,52,351,375,416,460,483,569,572,601,650,675,757,789,844,851,863,951,1027,1040,1140,1184,1188,1203,1267,1306,1404,1427],"synthesizes":[45],"GET":[46,393,1130],"parameters":[47,394,1131],"Webarchive:":[49],"component":[51],"aids":[53],"with":[54,74,217,234,606,624,724,742,842,882,917,1088,1201,1345],"stability":[55],"of":[56,95,109,127,185,315,659,668,772,780,805,840,895,936,947,962,1037,1066,1070,1082,1095,1108,1125,1164,1313,1338],"results,":[57],"allowing":[58],"archiving":[60],"pages":[61],"and":[62,85,97,114,140,163,173,220,273,279,293,370,493,532,923],"replaying":[63],"previously":[64],"created":[65,686,886],"archives":[66],"using":[67,197,402,482],"other":[68,1271],"components.":[69],"associated":[73],"NDSS'26":[76],"paper,":[77],"#1467":[78],"Detection":[80],"via":[81,432],"Webpage":[82],"Interaction":[83],"Fuzzing":[84],"URL":[86,571,771,1036,1330],"Component":[87],"Synthesis.":[88],"Prerequisites":[89],"We":[90,260,1211],"recommend":[91],"at":[92,312,321,665,1268,1424],"least":[93,1269],"4GB":[94],"RAM":[96],"4":[98],"cores":[99,219],"to":[100,111,136,151,266,269,284,364,388,421,424,428,443,445,480,495,523,537,551,560,564,598,633,726,777,815,821,861,955,958,979,1014,1030,1146,1153,1207,1215,1225,1248,1260,1321,1341,1347,1355,1361,1367,1385,1397,1430],"run":[101,270,407,451,552,854,1226,1356],"smoothly.":[103],"You":[104,476,503,608,671],"will":[105,133,261,301,472,662,859,1120,1176,1212],"need":[106,559,1152,1366],"about":[107],"30GB":[108],"storage":[110],"install":[112],"follow":[115],"these":[116,898],"instructions":[117],"without":[118],"issues.":[119],"There":[120],"no":[122],"GPU":[123],"requirement.":[124],"In":[125,295,1323],"terms":[126],"software,":[128],"`docker`":[129],"required,":[131],"`unzip`":[132],"be":[134,149,336,354,365,378,389,474,538,663,816,956,1122,1147,1154,1177,1205],"useful":[135],"extract":[137],"optionally":[141],"VNC":[143,147,433,446,488,511,617],"viewer":[144,489],"like":[145,981,1016,1128,1166],"Tiger":[146],"can":[148,228,335,352,376,477,672,775,836,1204],"used":[150,1206],"visualize":[152],"browser":[154,431,515,613,756],"while":[155],"tool":[157],"working":[159,258],"evaluate":[164],"webarchive":[166],"component.":[167],"was":[169,232,904,1028,1141,1273],"tested":[170],"macOS":[172],"Ubuntu":[174],"24.04.":[175],"Installation":[176],"(with":[177],"Docker)":[178],"Open":[179,486],"terminal":[181],"in":[182,308,331,349,373,391,454,490,509,527,540,582,615,678,750,793,847,1058,1074,1099,1179,1183,1192,1277,1334,1409],"root":[184,314],"this":[186,417,452],"project":[187],"(where":[188],"Dockerfile":[190],"located).":[192],"Build":[193],"image":[196,231,241],"command:":[200,237],"`$":[201],"docker":[202,240],"build":[203],"--platform=linux/amd64":[204],"-t":[205],"swipe:latest":[206],".`":[207],"takes":[209],"~10":[210],"minutes":[211,253,632,1259,1396],"us":[213],"machine":[216],"8":[218],"32GB":[221],"RAM.":[222],"Once":[223,636],"done,":[226],"you":[227,557,835,853,1364],"confirm":[229,862,1208,1216,1431],"built":[233],"```bash":[238,1280,1437],"$":[239,689,1281,1438],"ls":[242],"REPOSITORY":[243],"TAG":[244],"IMAGE":[245],"ID":[246],"CREATED":[247],"SIZE":[248],"swipe":[249],"latest":[250],"c59dc313cfaf":[251],"3":[252,326,631,1395],"ago":[254],"9.56GB":[255],"```":[256,586,591,688,745,1303],"Minimal":[257],"example":[259,578],"use":[262],"single":[264],"show":[267,1187,1213],"how":[268,918,924,1214],"Passive,":[271,291],"Fuzzer":[272,292,1238,1350,1358,1391,1420,1435],"DSE":[274,294,1220,1228,1254,1307,1333,1375],"(the":[275],"component),":[278],"then":[280,788],"different":[282],"showcase":[285],"webarchive.":[287],"Example":[288],"next":[297],"few":[298],"steps,":[299],"we":[300,573,1326],"launch":[302],"against":[304,856],"located":[307],"`tests/example_page.html`":[310],"file":[311,680,796],"SWIPE.":[316],"That":[317,795],"hosted":[320],"`http://swipeexample.s3-website-eu-west-1.amazonaws.com/example_page.html`.":[322],"contains":[325],"vulnerabilities:":[328],"One":[330,348],"`vulnerable_passive`":[332,1194],"function,":[333],"which":[334,562,682,1316],"found":[337,355,379,922,1406,1417],"by":[338,356,380,554,868,976,1161,1332,1418],"Passive":[339,546,553,627,637,1171],"because":[340,358,382],"called":[343],"during":[344],"initialization":[346],"`vulnerable_fuzzer`,":[350],"only":[353,377,885],"Fuzzer,":[357],"requires":[360,384],"onmousewheel":[362],"event":[363,999],"triggered":[366,1002],"third":[369],"final":[371,878,908,1024,1052],"`vulnerable_dse`,":[374],"DSE,":[381],"certain":[386,872,888,998],"string":[387,1025],"included":[390],"Initializing":[395],"First,":[398,802,1422],"create":[399],"container":[401,442,529],"image:":[405],"`docker":[406],"--rm":[408],"-it":[409],"-p":[410],"5550:5550":[411],"--entrypoint=bash":[412],"swipe`":[413],"Note":[415,459,1305],"exposes":[418],"port":[419],"5550":[420],"host,":[423],"make":[425],"possible":[427,963],"see":[429,505,611,674],"Next,":[435],"start":[436],"XVFB":[438],"server":[439],"listen":[444],"connections.":[447],"To":[448,1222,1352],"do":[449,621],"that,":[450],"command":[453],"container:":[456],"`./jalangi2-workspace/run_xvfb.sh`":[457],"an":[461,1310],"error":[462],"message":[463],"expected:":[465],"`_XSERVTransmkdir:":[466],"ERROR:":[467],"euid":[468],"!=":[469],"0,directory":[470],"/tmp/.X11-unix":[471],"not":[473,517,622],"created.`.":[475],"press":[478],"ENTER":[479],"keep":[481],"terminal.":[484],"host":[492],"connect":[494],"address":[497],"`localhost:5550`.":[498],"Use":[499],"password":[501],"`DEBUG`.":[502],"should":[504,609,628,683,1186,1255,1263,1392,1400],"blank":[507],"screen":[508],"viewer,":[512],"as":[513,1156],"open":[518,614],"yet.":[519],"Finally,":[521,912],"go":[522],"SWIPE's":[524,669],"main":[525],"folder":[526],"(all":[530],"steps":[531],"commands":[533],"below":[534],"are":[535,810,845,884,899,1158],"supposed":[536],"executed":[539,995],"container):":[542],"`cd":[543],"~/jalangi2-workspace/scripts/swipe/`":[544],"Running":[545,1219,1349],"configured":[550],"default,":[555],"but":[556,619,824],"still":[558],"specify":[561],"analyze:":[565],"Make":[567,1235,1373],"sure":[568,1236,1374],"have":[574,655,684,1342],"provided":[575],"above":[579],"placed":[581],"`config/sample_targets`":[584],"file:":[585,1233,1371],"scan@35ac4b3e72e3:~/jalangi2-workspace/scripts/swipe$":[587],"cat":[588,690,1282,1439],"config/sample_targets":[589],"http://swipeexample.s3-website-eu-west-1.amazonaws.com/example_page.html?gp":[590],"looks":[594],"target":[596],"webpages":[597],"analyze":[599],"file.":[602],"Run":[604,1251,1388],"`./run.sh`.":[607,1253,1389],"now":[610],"window,":[618],"please":[620],"interact":[623],"browser.":[626],"take":[629,1256,1393],"around":[630,1257,1394],"finish.":[634,1261,1398],"finished,":[639],"automatically":[641,1159],"runs":[642,753],"taint":[644,648,760,1068],"parser,":[645],"parsing":[646],"logs":[649],"modified":[652,755],"Chromium":[653],"may":[654,1317],"reported.":[656],"summary":[658,677,749,914],"those":[660],"results":[661,1344],"printed":[664,916],"end":[667],"output.":[670],"also":[673,1197],"same":[676],"`./output.txt`,":[681],"been":[685],"meanwhile.":[687],"output.txt":[691,751,1283,1440],"Unique":[692,730,1441],"potential":[693,807,889,1174,1415,1442],"flows:":[694,732,1443],"{'sink':":[695,1287,1444],"'JAVASCRIPT',":[696,1445],"'ranges':":[697,1289,1446],"[(0,":[698,1290,1447],"2,":[699,1448],"'URL_SEARCH',":[700,1292,1449],"'URL_COMPONENT_DECODED')],":[701,1293,1450],"'sink_arg':":[702,1294,1451],"'gp',":[703,1452],"'iframe':":[704,1296,1453],"'http://swipeexample.s3-website-eu-west-1.amazonaws.com/example_page.html?gp',":[705,708,716,1454],"'stack':":[706,1298,1455],"[{'url':":[707],"'function':":[709,717,1300],"'vulnerable_passive',":[710],"'col':":[711,719],"22,":[712],"'lineno':":[713,721],"22},":[714],"{'url':":[715],"'',":[718],"13,":[720],"24}]}":[722],"URLs":[723,841,881,926,1200,1426],"markers":[725,843,883,1202],"confirm:":[727],"http://swipeexample.s3-website-eu-west-1.amazonaws.com/example_page.html?#&marker<>'\"":[728],"http://swipeexample.s3-website-eu-west-1.amazonaws.com/example_page.html?marker<>'\"":[729],"confirmed":[731,896,939],"None":[733],"Summary:":[734],"#Unique":[735,738],"potential:":[736,942],"1":[737],"confirmed:":[739],"0":[740],"#URLs":[741],"markers:":[743],"2":[744],"Interpreting":[746],"flows":[748,811,900,920,1320],"implements":[758],"dynamic":[759],"analysis.":[761],"Whenever":[762],"information":[763,813,978],"from":[764,818,1050,1112],"possibly":[766],"attacker-controlled":[767,1110],"source":[768,820,1087,1111],"(like":[769,784],"page)":[774],"flow":[776,830,865,930,1145,1175,1185,1272],"argument":[779,910,1013,1026,1102],"dangerous":[782,949],"sink":[783,879,909,950,1032,1053,1076,1101],"`eval`":[785,982],"or":[786,940,983,1018,1133],"`document.write`)":[787],"fact":[790,1266,1403],"reported":[792,1178],"`./output.txt`.":[794,1180],"has":[797,931,1007],"structure:":[800,1091],"list":[804,839,894,1081],"unique":[806],"flows.":[808,890,1348],"These":[809],"where":[812,901,1113],"seems":[814,954],"flowing":[817],"sink,":[823],"unclear":[827],"whether":[828,870],"exploitable":[832,867],"Then,":[834,892],"find":[837],"constructed":[846],"such":[848],"way":[850],"if":[852],"them,":[857],"try":[860],"checking":[869],"marker":[873,903],"present":[875,905],"argument.":[880,1077],"flows,":[897],"many":[919,925],"were":[921,927],"created.":[928],"Each":[929],"structure,":[934],"regardless":[935],"being":[938],"just":[941],"`sink`:":[944],"category":[946],"attacker":[953,969,990,1006],"able":[957],"influence.":[959],"set":[961],"values":[964],"is:":[965],"`JAVASCRIPT`:":[967],"influences":[970,991],"what":[971,992],"JavaScript":[972],"code":[973,993],"executed,":[975],"passing":[977],"function":[980,1278],"`Function`":[985],"constructor":[986],"`JAVASCRIPT_EVENT_HANDLER_ATTRIBUTE`:":[988],"when":[996],"handler":[1000],"`HTML`:":[1004],"HTML":[1008],"injection":[1009],"capabilities,":[1010],"controlling":[1011],"functions":[1015],"`document.write`":[1017],"`inner.HTML`":[1019],"assignments.":[1020],"`sink_arg`:":[1022],"passed":[1029],"`iframe`:":[1034],"iframe":[1039],"contained":[1041],"vulnerable":[1043],"script":[1044],"`stack`:":[1046],"stacktrace,":[1048],"starting":[1049],"call":[1054,1060],"location":[1055],"going":[1056],"upwards":[1057],"chain.":[1061],"`ranges`:":[1063],"description":[1065],"provenance":[1069],"tainted":[1072,1097,1115,1150],"bytes":[1073,1098,1116,1151],"4-tuples,":[1083],"each":[1084],"representing":[1085],"Start":[1093],"index":[1094,1105],"End":[1104],"Name":[1107],"come":[1117],"from.":[1118],"usually":[1121],"some":[1123],"part":[1124],"URL,":[1127],"(`URL_SEARCH`)":[1132],"fragment":[1135],"value":[1136],"(`URL_HASH`).":[1137],"Encoding":[1139],"used.":[1142],"For":[1143],"exploitable,":[1148],"URL-decoded,":[1155],"they":[1157],"encoded":[1160],"built-in":[1162],"mechanisms":[1163],"browsers":[1165],"Chromium.":[1167],"Thus,":[1168],"after":[1169],"run,":[1172],"one":[1173,1270,1276],"stacktrace":[1182],"vulnerability":[1190,1408,1416],"function.":[1195,1412],"generated":[1198],"two":[1199],"vulnerability.":[1210],"vulnerabilities":[1217],"later.":[1218],"configure":[1223,1353],"our":[1227,1324,1357],"component,":[1229,1359],"edit":[1230,1368],"`config/config.json`":[1232,1370],"**disabled**":[1240],"(`\"run-ui-fuzzer\":":[1241],"false`)":[1242,1379],"Enable":[1244,1381],"Set":[1246,1383],"`try-alternative-paths`":[1247],"`true`":[1249,1386],"SWIPE:":[1252],"6":[1258],"`./output.txt`":[1262,1399],"reflect":[1264,1401],"found:":[1274],"`vulnerable_dse`:":[1279],"|":[1284],"grep":[1285],"\"vulnerable_dse\"":[1286],"'HTML',":[1288],"24,":[1291],"'BmustcontainthisstringA?',":[1295],"'http://swipeexample.s3-website-eu-west-1.amazonaws.com/example_page.html?BmustcontainthisstringA?',":[1297],"...":[1299,1302],"'vulnerable_dse',":[1301],"acts":[1308],"instrumented":[1311],"version":[1312,1337],"page,":[1315,1340],"cause":[1318],"false":[1319],"appear.":[1322],"crawls,":[1325],"always":[1327],"re-analyzed":[1328],"every":[1329],"discovered":[1331],"non-instrumented":[1336],"clean":[1343],"respect":[1346],"similarly":[1360],"above,":[1363],"simply":[1365],"disabled:":[1377],"(`\"try-alternative-paths\":":[1378],"`run-ui-fuzzer`":[1384],"Our":[1390],"`vulnerable_fuzzer`":[1411],"Confirming":[1413],"look":[1423],"wants":[1429],"given":[1432],"last":[1434],"run:":[1436]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}