The official website of SMK Muhammadiyah 2 Bontoala Makassar plays a crucial role as a medium for information and services. However, its significance is often not matched by a verified security posture. The primary problem addressed in this study is the potential for unidentified cybersecurity vulnerabilities on the website, which malicious actors could exploit. To address this problem, a systematic vulnerability analysis was conducted based on the Open Web Application Security Project (OWASP) Top 10 framework. The testing process combined automated scanning using the OWASP ZAP tool with manual validation via penetration testing to ensure the accuracy of the findings. The assessment successfully identified several critical security flaws, primarily in the categories of Cross-Site Scripting (XSS) (A03:2021), Security Misconfiguration (A05:2021), and Vulnerable and Outdated Components (A06:2021). These vulnerabilities directly expose the website to risks of data breaches, unauthorized content modification, and service disruption. This study concludes by providing concrete technical recommendations for administrators to mitigate the identified vulnerabilities and strengthen the website's overall security posture.

Copyright © 2025