Xyz Website Security Analysis Against Sql Injection And Cross Site Scripting Attacks

Website security is an important aspect in protecting data and information from potential threats. This study aims to analyze the security of the XYZ website against SQL Injection and Cross-Site Scripting (XSS) attacks. The types of attacks used are SQL Injection and XSS. SQL Injection is a dangerous injection attack that can pose a security threat to website users and gain access to penetrate the website database, can cause sensitive data leaks. XSS is an attack carried out on a website and inserts malicious code in the form of a script into the website. can cause theft of sensitive user data and login information. Therefore, through this study, it is hoped that a good analysis can be obtained for the security and vulnerability of the XYZ website. The results of this study, that SQL Injection attacks can find vulnerabilities in the URL and login display on the XYZ website, can be exploited by attackers. While XSS attacks cannot find vulnerabilities on the XYZ website. In XSS attacks can prevent attacks because there is a Content Security Policy (CSP) implementation. Research, analysis of attack results is carried out to provide recommendations for improvements if vulnerabilities are found on the website.