Result: REAL-TIME TRAFFIC-BASED DETECTION OF XSS VULNERABILITIES VIA BIDIRECTIONAL HTTP TRAFFIC ANALYSIS.

Title:
REAL-TIME TRAFFIC-BASED DETECTION OF XSS VULNERABILITIES VIA BIDIRECTIONAL HTTP TRAFFIC ANALYSIS.
Authors:
Roubi, Anas (roubi@graduate.utm.my); Amin, Muhalim Mohamed
Source:
International Journal on Information Technologies & Security. 2025, Vol. 17 Issue 4, p69-78. 10p.
Database:
Supplemental Index

Further information

Cross-site Scripting (XSS) vulnerabilities continue to compromise web application security due to delayed detection by periodic scans. This paper proposes a novel real-time, traffic-based detection system that inspects HTTP request-response flows to verify exploitability dynamically. Unlike existing solutions that rely on static rules or post-analysis, the introduced proxy-based framework passively tracks and correlates incoming requests with their reflections in outgoing responses, specifically examining executable contexts. Evaluation using established testing suites demonstrates that the system accurately identifies 66% of exploitable XSS vulnerabilities confirmed by dynamic scanners, with no false positives. The results highlight that real-time traffic analysis effectively complements existing tools, providing immediate and actionable vulnerability insights, significantly narrowing the window for attackers and accelerating the defensive response. [ABSTRACT FROM AUTHOR]