FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4386393873> ?p ?o ?g. }

• W4386393873 abstract "In this work, we perform a comprehensive analysis of the security of text input fields in web browsers. We find that browsers' coarse-grained permission model violates two security design principles: least privilege and complete mediation. We further uncover two vulnerabilities in input fields, including the alarming discovery of passwords in plaintext within the HTML source code of the web page. To demonstrate the real-world impact of these vulnerabilities, we design a proof-of-concept extension, leveraging techniques from static and dynamic code injection attacks to bypass the web store review process. Our measurements and case studies reveal that these vulnerabilities are prevalent across various websites, with sensitive user information, such as passwords, exposed in the HTML source code of even high-traffic sites like Google and Cloudflare. We find that a significant percentage (12.5%) of extensions possess the necessary permissions to exploit these vulnerabilities and identify 190 extensions that directly access password fields. Finally, we propose two countermeasures to address these risks: a bolt-on JavaScript package for immediate adoption by website developers allowing them to protect sensitive input fields, and a browser-level solution that alerts users when an extension accesses sensitive input fields. Our research highlights the urgent need for improved security measures to protect sensitive user information online." @default.
• W4386393873 created "2023-09-03" @default.
• W4386393873 creator A5042450214 @default.
• W4386393873 creator A5060208515 @default.
• W4386393873 creator A5079194336 @default.
• W4386393873 date "2023-08-30" @default.
• W4386393873 modified "2023-09-27" @default.
• W4386393873 title "Exposing and Addressing Security Vulnerabilities in Browser Text Input Fields" @default.
• W4386393873 doi "https://doi.org/10.48550/arxiv.2308.16321" @default.
• W4386393873 hasPublicationYear "2023" @default.
• W4386393873 type Work @default.
• W4386393873 citedByCount "0" @default.
• W4386393873 crossrefType "posted-content" @default.
• W4386393873 hasAuthorship W4386393873A5042450214 @default.
• W4386393873 hasAuthorship W4386393873A5060208515 @default.
• W4386393873 hasAuthorship W4386393873A5079194336 @default.
• W4386393873 hasBestOaLocation W43863938731 @default.
• W4386393873 hasConcept C109297577 @default.
• W4386393873 hasConcept C111919701 @default.
• W4386393873 hasConcept C118643609 @default.
• W4386393873 hasConcept C136764020 @default.
• W4386393873 hasConcept C148730421 @default.
• W4386393873 hasConcept C165696696 @default.
• W4386393873 hasConcept C177264268 @default.
• W4386393873 hasConcept C199360897 @default.
• W4386393873 hasConcept C2776760102 @default.
• W4386393873 hasConcept C38652104 @default.
• W4386393873 hasConcept C41008148 @default.
• W4386393873 hasConcept C43126263 @default.
• W4386393873 hasConcept C544833334 @default.
• W4386393873 hasConcept C92717368 @default.
• W4386393873 hasConceptScore W4386393873C109297577 @default.
• W4386393873 hasConceptScore W4386393873C111919701 @default.
• W4386393873 hasConceptScore W4386393873C118643609 @default.
• W4386393873 hasConceptScore W4386393873C136764020 @default.
• W4386393873 hasConceptScore W4386393873C148730421 @default.
• W4386393873 hasConceptScore W4386393873C165696696 @default.
• W4386393873 hasConceptScore W4386393873C177264268 @default.
• W4386393873 hasConceptScore W4386393873C199360897 @default.
• W4386393873 hasConceptScore W4386393873C2776760102 @default.
• W4386393873 hasConceptScore W4386393873C38652104 @default.
• W4386393873 hasConceptScore W4386393873C41008148 @default.
• W4386393873 hasConceptScore W4386393873C43126263 @default.
• W4386393873 hasConceptScore W4386393873C544833334 @default.
• W4386393873 hasConceptScore W4386393873C92717368 @default.
• W4386393873 hasLocation W43863938731 @default.
• W4386393873 hasOpenAccess W4386393873 @default.
• W4386393873 hasPrimaryLocation W43863938731 @default.
• W4386393873 hasRelatedWork W1428729482 @default.
• W4386393873 hasRelatedWork W1480545379 @default.
• W4386393873 hasRelatedWork W189888844 @default.
• W4386393873 hasRelatedWork W2225555018 @default.
• W4386393873 hasRelatedWork W2370993421 @default.
• W4386393873 hasRelatedWork W2393386861 @default.
• W4386393873 hasRelatedWork W2565381658 @default.
• W4386393873 hasRelatedWork W2889726333 @default.
• W4386393873 hasRelatedWork W3005439998 @default.
• W4386393873 hasRelatedWork W4205537931 @default.
• W4386393873 isParatext "false" @default.
• W4386393873 isRetracted "false" @default.
• W4386393873 workType "article" @default.