Jurnal Bumigora Information Technology (BITe)
Vol. 7 No. 1 (2025)

Analysis of SQL Injection, Cross Site Scripting, and Insecure Direct Object Reference Vulnerabilities on University Websites in West Nusa Tenggara Using the Penetration Testing Method

Dhira Wahyu Febrian
Raphael Bianco Huwae
Ahmad Zafrullah Mardiansyah



Article Info

Publish Date
19 Jun 2025

Abstract

Background: In the digital era, cybersecurity is important for universities in protecting academic information and user data. This research focuses on identifying and analyzing the security vulnerabilities of higher education websites in West Nusa Tenggara against three types of attacks, namely SQL Injection, Cross Site Scripting (XSS), and Insecure Direct Object Reference (IDOR), which can compromise the integrity of higher education data and information systems.

Objective: This research aims to evaluate the level of vulnerability and the severity of the risk of the three types of attacks on the websites of higher education institutions.

Methods: This research uses penetration testing methods and assesses the severity of vulnerabilities based on the Common Vulnerability Scoring System (CVSS) version 3.1.

Result: The results show that 50% of the ten college websites tested are vulnerable to XSS attacks, 30% to SQL Injection, and 20% to IDOR. The highest severity was found in the SQL Injection vulnerability, with a CVSS score of 9.0 in the critical category.

Conclusion: The results of this study indicate that higher education institutions need to immediately strengthen system security with strict input validation, WAF implementation, and adequate authorization mechanisms to prevent future exploitation of similar vulnerabilities.

Copyrights © 2025






Journal Info

Abbrev

bite

Publisher

Subject

Computer Science & IT; Control & Systems Engineering; Decision Sciences, Operations Research & Management; Electrical & Electronics Engineering

Description

Jurnal Bumigora Information Technology (BITe) is a journal owned by Bumigora University and managed by the Department of Computer Science. This journal is intended to provide publications for academics, researchers and practitioners who wish to publish research in the field of ...