Analysis of SQL Injection, Cross Site Scripting, and Insecure Direct Object Reference Vulnerabilities on University Websites in West Nusa Tenggara Using the Penetration Testing Method
Dhira Wahyu Febrian; Raphael Bianco Huwae; Ahmad Zafrullah Mardiansyah
Jurnal Bumigora Information Technology (BITe) Vol. 7 No. 1 (2025)
Publisher : Universitas Bumigora

DOI: 10.30812/bite.v7i1.5032

Abstract

Background: In the digital era, cybersecurity is important for universities in protecting academic information and user data. The focus of this research is to identify and analyze the security vulnerabilities of higher education websites in West Nusa Tenggara against three types of attacks, namely SQL Injection, Cross Site Scripting (XSS), and Insecure Direct Object Reference (IDOR), which can compromise the integrity of higher education data and information systems.

Objective: This research aims to evaluate the level of vulnerability and the severity of the risk of the three types of attacks on the websites of higher education institutions.

Methods: This research uses penetration testing methods and assesses the severity of vulnerabilities based on the Common Vulnerability Scoring System (CVSS) version 3.1.

Result: The results show that 50% of the ten college websites tested are vulnerable to XSS attacks, 30% to SQL Injection, and 20% to IDOR. The highest severity was found in the SQL Injection vulnerability, with a CVSS score of 9.0 (critical category).

Conclusion: The results of this study indicate that higher education institutions need to immediately strengthen system security with strict input validation, WAF implementation, and adequate authorization mechanisms to prevent future exploitation of similar vulnerabilities.