OWASP A03 Injection Vulnerability in Web Application Development

Web applications are crucial for businesses and individuals by providing efficient communication, collaboration, and access to services and information via browsers, boosting connectedness, productivity, and creativity in the digital era. Insecure web applications pose risks of data breaches, malwar...

Bibliographic Details
Main Authors: Lim, Phei Chin, Andy Chieng, Ging Wei, Ling, Huo Chong, Nurfauza, Jali
Format: Article
Language: English
Published: Semarak Ilmu Publishing 2026
Subjects:
Online Access: http://ir.unimas.my/id/eprint/46267/2/OWASP%20A03%20Injection.pdf
http://ir.unimas.my/id/eprint/46267/
https://semarakilmu.com.my/journals/index.php/applied_sciences_eng_tech/article/view/5359
https://doi.org/10.37934/araset.57.1.107116
id my.unimas.ir-46267
record_format eprints
spelling my.unimas.ir-46267 2024-10-09T03:33:24Z http://ir.unimas.my/id/eprint/46267/ OWASP A03 Injection Vulnerability in Web Application Development Lim, Phei Chin Andy Chieng, Ging Wei Ling, Huo Chong Nurfauza, Jali QA76 Computer software T Technology (General)
Semarak Ilmu Publishing 2026 Article PeerReviewed text en http://ir.unimas.my/id/eprint/46267/2/OWASP%20A03%20Injection.pdf Lim, Phei Chin and Andy Chieng, Ging Wei and Ling, Huo Chong and Nurfauza, Jali (2026) OWASP A03 Injection Vulnerability in Web Application Development. Journal of Advanced Research in Applied Sciences and Engineering Technology, 57 (1). pp. 107-116. ISSN 2462-1943 https://semarakilmu.com.my/journals/index.php/applied_sciences_eng_tech/article/view/5359 https://doi.org/10.37934/araset.57.1.107116
institution Universiti Malaysia Sarawak
building Centre for Academic Information Services (CAIS)
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Malaysia Sarawak
content_source UNIMAS Institutional Repository
url_provider http://ir.unimas.my/
language English
topic QA76 Computer software
T Technology (General)
description Web applications are crucial for businesses and individuals, providing efficient communication, collaboration, and access to services and information via browsers, and boosting connectedness, productivity, and creativity in the digital era. Insecure web applications pose risks of data breaches, malware, and unauthorized access, which jeopardize user privacy, trust, and organizational security. Web developers must be knowledgeable and prepared to deal with common vulnerabilities in web applications. A prototype web application (https://webriska3.tech) with a lesson and editor module is developed to train web developers on the Open Web Application Security Project (OWASP) Top Ten security risks, focusing on the A03 - Injection vulnerability. The OWASP A03 Injection vulnerability is one of the most common vulnerabilities and is at the heart of any database-driven web application. To evaluate the prototype's improvement of knowledge on the A03 – Injection vulnerability, testers are recruited to complete two coding tasks in a laboratory environment. 80% of testers mastered the Output escaping/encoding defensive technique, while the Prepared statement/Parameterized Query defensive technique is the hardest to master. The prototype obtained an average System Usability Scale (SUS) score of 57, which is below average, indicating issues with the prototype interface. This work showed promising results in increasing understanding of the A03 Injection vulnerability and the implementation skills to protect web applications against attack and exploitation.
format Article
author Lim, Phei Chin
Andy Chieng, Ging Wei
Ling, Huo Chong
Nurfauza, Jali
title OWASP A03 Injection Vulnerability in Web Application Development
publisher Semarak Ilmu Publishing
publishDate 2026
url http://ir.unimas.my/id/eprint/46267/2/OWASP%20A03%20Injection.pdf
http://ir.unimas.my/id/eprint/46267/
https://semarakilmu.com.my/journals/index.php/applied_sciences_eng_tech/article/view/5359
https://doi.org/10.37934/araset.57.1.107116