Research Article
Automating Risk Analysis of Software Design Models
Table 1
Vulnerabilities reported to be found in corresponding AutSEC reports.
| Design report | Implementation report | Verification report |
| Cross-site request forgery (CSRF) | Time of check to time of use | Cross-site request forgery (CSRF) | Insecure cryptographic storage | SQL injection attacks | Insecure cryptographic storage | | Reflected cross-site scripting (RXSS) | Time of check to time of use | | E-mail headers injection | SQL injection attacks | | | Reflected cross-site scripting (RXSS) | | | E-mail headers injection |
|
|