Security Audit and Analysis of High School Websites Using Cross Site Scripting (XSS) Method and Insecure Direct Object Reference (IDOR) Penetration Test

  • Muhammad Kholilul Adrian Dept Informatics Engineering, University of Mataram
  • Raphael Bianco Huwae
  • Ahmad Zafrullah Mardiansyah
DOI: https://doi.org/10.29303/jcosine.v9i1.611
Abstract: 21 Viewers PDF: 13 Viewers

Abstract

This study investigates security vulnerabilities in secondary school PPDB websites, focusing on Structured Query Language (SQL) Injection and Cross Site Scripting (XSS) techniques. The research aims to conduct a security audit and analysis using XSS methods and Insecure Direct Object References (IDOR) penetration tests. The primary objectives are to identify existing security gaps, provide recommendations for improvement, and enhance the overall security of these websites. By addressing these vulnerabilities, the study seeks to make PPDB websites more secure and reliable in protecting users' personal data and maintaining system integrity. Additionally, this research aims to raise awareness among PPDB system managers and schools about the importance of cybersecurity in website development and management, offering practical solutions and serving as a reference for improving website security in the educational sector.

Author Biography

Muhammad Kholilul Adrian, Dept Informatics Engineering, University of Mataram

This study investigates security vulnerabilities in secondary school PPDB websites, focusing on Structured Query Language (SQL) Injection and Cross Site Scripting (XSS) techniques. The research aims to conduct a security audit and analysis using XSS methods and Insecure Direct Object References (IDOR) penetration tests. The primary objectives are to identify existing security gaps, provide recommendations for improvement, and enhance the overall security of these websites. By addressing these vulnerabilities, the study seeks to make PPDB websites more secure and reliable in protecting users' personal data and maintaining system integrity. Additionally, this research aims to raise awareness among PPDB system managers and schools about the importance of cybersecurity in website development and management, offering practical solutions and serving as a reference for improving website security in the educational sector.

Published
2025-06-30
Issue
Vol. 9 No. 1 (2025): June 2025
Section
Embedded System and Data Communications