Research Article
Automating Risk Analysis of Software Design Models
Table 1
Vulnerabilities reported to be found in corresponding AutSEC reports.
| | Design report | Implementation report | Verification report |
| | Cross-site request forgery (CSRF) | Time of check to time of use | Cross-site request forgery (CSRF) | | Insecure cryptographic storage | SQL injection attacks | Insecure cryptographic storage | | | Reflected cross-site scripting (RXSS) | Time of check to time of use | | | E-mail headers injection | SQL injection attacks | | | | Reflected cross-site scripting (RXSS) | | | | E-mail headers injection |
|
|
