Analisis Kerentanan Cross Site Scripting (XSS): Metode Serangan, Dampak, dan Strategi Pengamanan
Keywords:
Cross Site Scripting (XSS), Web Security, Attack Methods, Impacts, Cybersecurity, System Literature Review (SLR)Abstract
Cross Site Scripting (XSS) attacks pose a significant threat to web security, with the potential to disrupt web performance, steal sensitive user information, and even take full control of a website. This research aims to analyze various XSS attack methods, their impacts, and proposed security strategies. Among the 30 reviewed journals, the most frequently used method is the Open Web Application Security Project (OWASP), cited in 19 journals, with OWASP ZAP being the most commonly used tool, mentioned in 11 journals. The most recommended security strategy is Input Validation, suggested in 12 journals. XSS has a highly significant impact, not only compromising the integrity and confidentiality of user data but also disrupting the normal functionality and reputation of a website. This study reveals that despite efforts to mitigate XSS attacks, their success rates vary. It emphasizes the need for a comprehensive approach to address XSS attacks and protect websites from associated risks
Abstrak
Serangan Cross Site Scripting (XSS) merupakan ancaman yang sangat berbahaya terhadap keamanan web dengan potensi untuk merusak kinerja sebuah web, mencuri informasi sensitif pengguna, bahkan mengambil alih kendali penuh atas web tersebut. Penelitian ini bertujuan untuk menganalisis berbagai metode serangan XSS, dampaknya, dan strategi pengamanan yang diusulkan.Dari 30 jurnal yang direview, metode yang sering digunakan adalah Open Web Application Security Project (OWASP) sebanyak 19 jurnal,dengan tool yang sering digunakan yaitu OWASP ZAP sebanyak 11 jurnal, dan Strategi pengamanan yang paling banyak disarankan yaitu Validasi Input sebanyak 12 jurnal. XSS memiliki dampak sangat signifikan, tidak hanya merusak integritas dan kerahasiaan data pengguna, tetapi juga dapat mengganggu fungsi normal dan reputasi sebuah situs web. Penilitian ini menujukan meskipun telah dilakukan upaya untuk mengurangi serangan XSS, keberhasilannya bervariasi.
Kata Kunci: Skrip Lintas Situs (XSS); Keamanan Web; Metode Penyerangan; Dampak Penyerangan; Keamanan Siber; Sistem Literatur Review (SLR).
