9月8日| 英语翻译 | 12分钟翻译挑战 关于UXSS

前言：原来我之前写的翻译还蛮多的，现在又对极客爸爸感兴趣了，真是奇怪，意识到就是最起步的样子。否则，没有说喜欢一会儿，又不喜欢一会儿。

非常漂亮的图：

翻译：

This paper proposes FUZZORIGIN, a browser fuzzer de-signed to detect UXSS vulnerabilities.FUZZORIGIN addresses the above two challenges by (i) designing an origin sanitizer with a static origin tagging mechanism and (ii) prioritizing origin update operations through generating chained navigation operations handling dedicated events.We iplemented FUZZORIGIN, which works with most modern browsers, including Chrome, Firefox, Edge, and Safari. During the evaluation,FUZZORIGIN discovered four previously unknown UXSS vulnerabilities, one in Chrome and three inFirefox, all of which have been confirmed by the vendors.FUZZORIGIN is responsible for finding one out of two UXSS vulnerabilities in Chrome reported in 2021 and all three inFirefox, highlighting its strong effectiveness in finding new UXSS vulnerabilities

这篇论文生产了，FUZZORGiN软件，一个浏览器测试通用xss漏洞软件，模糊测试，设计过程有两个挑战，一个是源过滤，带有静态源触发机制，和确定操作优先级通过生成的点击操作导航链路和处理事件。我们安装这个软件，即使在现代化的流行的浏览器，包括几大浏览器，在执行检测的过程中，我们用这个软件发现了4个相关的漏洞，并且这个软件把这四个漏洞报告给了官方，表明了这是一个非常有效的新的检测器。