{"meta":{"page":1,"per_page":50,"max_per_page":100,"total":148,"total_is_capped":false,"direct_labels_cover":0,"predictions_cover":148,"direct_label_status":"direct model label, unvalidated","prediction_status":"machine_predicted_unvalidated (Codex and Gemma teacher distillation)","score_status":"score_only:v0-immature-baseline (scores rank; they never assert a category)","snapshot":{"source":"OpenAlex, pinned release, all 482 partitions","release":"2026-06-24","frame_built":"2026-07-12"},"query_hash":"f745dfd66c4f","filters":{"topic":"Web Application Security Vulnerabilities"}},"results":[{"id":"W2133723082","doi":"10.1145/2382196.2382238","title":"The devil is in the (implementation) details","year":2012,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":198,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"University of British Columbia","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"Login; Single sign-on; Computer science; Computer security; Implementation; World Wide Web; Internet privacy; Web application; Service provider; Protocol (science); Authentication (law); Web service; Simplicity; Web application security; Service (business); Web development; Software engineering","retraction":null,"screen_n_in":null,"score":{"opus":0.02702643875597453,"gpt":0.3193447649780471,"spread":0.2923183262220725,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.001131708,0.00004996644,0.00003729152,0.00001865151,0.000184884,0.0001938073,0.0009051987,0.00001288664,0.0001128299],"category_scores_gemma":[0.00001666819,0.00002514372,0.00002142322,0.0002518184,0.00003777405,0.0004514416,0.0001015316,0.00006623753,0.0002476808],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00001972464,"about_ca_system_score_gemma":0.00002379014,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00008266445,"about_ca_topic_score_gemma":0.0002798767,"domain_scores_codex":[0.9992018,0.000116425,0.0001529473,0.00009866864,0.0002155017,0.0002146722],"domain_scores_gemma":[0.9989733,0.0004105984,0.00003191654,0.0005304163,0.00002851318,0.00002531922],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"not_applicable","study_design_scores_codex":[2.096181e-7,0.00001583368,0.008439288,9.617803e-7,0.000001668923,3.670533e-8,0.009990758,2.207597e-7,0.00001412334,0.9469062,0.01140587,0.02322483],"study_design_scores_gemma":[0.0001841486,0.00001261346,0.08962068,0.000001068466,0.000001971293,0.000007093669,0.008649179,0.0006232217,0.003599459,0.03892537,0.8582479,0.0001272831],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.4087489,0.001043734,0.3199882,0.1924567,0.0005224397,0.001597348,0.000003882211,0.0002833317,0.07535551],"genre_scores_gemma":[0.9911992,0.000008720275,0.003198835,0.005176385,0.00004681681,0.0001257579,4.79178e-7,0.000001927679,0.0002418853],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.9079809,"threshold_uncertainty_score":0.3183518,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2017035494","doi":"10.1145/2491411.2491456","title":"Z3-str: a z3-based string solver for web application analysis","year":2013,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":195,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Waterloo","funders":"","keywords":"String (physics); Computer science; String metric; Solver; String searching algorithm; Theoretical computer science; Programming language; Symbolic execution; Concatenation (mathematics); Plug-in; Approximate string matching; Mathematics; Data structure; Physics; Combinatorics; Theoretical physics; Pattern matching","retraction":null,"screen_n_in":null,"score":{"opus":0.01062013889141894,"gpt":0.243209372700715,"spread":0.2325892338092961,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0002859184,0.0001292822,0.0001889938,0.0002307585,0.0001316073,0.0002742964,0.0007764276,0.00006387224,0.0001410065],"category_scores_gemma":[0.00003136664,0.0001199346,0.0001664939,0.000940347,0.00003925691,0.0004656732,0.00009652897,0.00006701001,0.0002329161],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00006043856,"about_ca_system_score_gemma":0.00007932581,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0002246963,"about_ca_topic_score_gemma":0.00008743223,"domain_scores_codex":[0.9986928,0.00002945253,0.0002893003,0.0005038902,0.0002415666,0.0002430565],"domain_scores_gemma":[0.9984274,0.0002820773,0.0001042371,0.0008269926,0.0002601825,0.00009909815],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.000006310664,0.0002605979,0.006890027,0.00006987594,0.0002506519,1.31745e-7,0.0003992855,0.004705049,0.02279796,0.9052504,0.009202869,0.05016685],"study_design_scores_gemma":[0.0002989946,0.0000215637,0.004234849,0.000001514732,0.00003983027,1.939926e-7,0.00005155661,0.9632027,0.008307283,0.01184795,0.01180003,0.0001935239],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.03730826,0.00001285574,0.9575158,0.002690106,0.0000203413,0.0007938661,0.000006274408,0.0003503545,0.00130213],"genre_scores_gemma":[0.8700294,4.909262e-7,0.127627,0.0006089314,0.00004354648,0.001321452,0.00001560869,0.000007361898,0.0003462506],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.9584976,"threshold_uncertainty_score":0.4890791,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2048899404","doi":"10.1145/2187671.2187673","title":"Mitigating program security vulnerabilities","year":2012,"lang":"en","type":"review","venue":"ACM Computing Surveys","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":129,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"","keywords":"Computer science; Secure coding; Vulnerability management; Vulnerability (computing); Computer security; Security bug; Software deployment; Vulnerability assessment; Security testing; Variety (cybernetics); Software security assurance; Risk analysis (engineering); Damages; Key (lock); Security information and event management; Security service; Information security; Cloud computing security; Software engineering; Business","retraction":null,"screen_n_in":null,"score":{"opus":0.08518590885983726,"gpt":0.3652950161445279,"spread":0.2801091072846906,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["metaepi_narrow","open_science"],"consensus_categories":[],"category_scores_codex":[0.01129461,0.001054527,0.002483039,0.0003529682,0.0006250509,0.0009337268,0.006406118,0.0005965919,0.00003809063],"category_scores_gemma":[0.001672879,0.0009881698,0.0008244778,0.001508913,0.0003268419,0.0006813387,0.004122021,0.001626134,0.0004524954],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0003283682,"about_ca_system_score_gemma":0.0005197378,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0002291675,"about_ca_topic_score_gemma":0.00002172131,"domain_scores_codex":[0.9879385,0.006430189,0.001781982,0.001598549,0.000856962,0.001393858],"domain_scores_gemma":[0.9865147,0.006890288,0.001112576,0.004735566,0.0003661875,0.0003806068],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"design_other","study_design_gemma":"not_applicable","study_design_scores_codex":[1.068672e-7,0.0001612415,0.00004889548,0.007229134,0.00007709384,0.000002565266,0.001155238,0.000002811765,3.75161e-8,0.01090398,0.0003181374,0.9801008],"study_design_scores_gemma":[0.0001107177,0.00005479153,0.00004290882,0.002600536,0.0001222524,0.00008270339,0.00004907832,0.001426095,0.000002729421,0.006184819,0.9881454,0.001178005],"study_design_candidate":"not_applicable","study_design_consensus":null,"genre_codex":"review","genre_gemma":"review","genre_scores_codex":[0.00005665957,0.9666951,0.0260384,0.00008435976,0.001199015,0.001992602,0.00003596663,0.002511828,0.001386007],"genre_scores_gemma":[0.002967689,0.8737938,0.1199975,0.00009236242,0.001784039,0.000683805,0.0002774588,0.0002074773,0.0001958501],"genre_candidate":"review","genre_consensus":"review","teacher_disagreement_score":0.9878272,"threshold_uncertainty_score":0.9992568,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2127229466","doi":"10.5555/2337223.2337257","title":"Automated repair of HTML generation errors in PHP applications using string constraint solving","year":2012,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":97,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"McGill University","funders":"","keywords":"Computer science; Plug-in; String (physics); Programming language; Constraint (computer-aided design); Test suite; HTML element; Suite; Constant (computer programming); Web application; Information retrieval; Web page; Software engineering; Test case; World Wide Web; Mathematics; Machine learning","retraction":null,"screen_n_in":null,"score":{"opus":0.05199819808543812,"gpt":0.3071029673659547,"spread":0.2551047692805166,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0006563478,0.00009978735,0.0001456618,0.0001731153,0.00006801263,0.00003790645,0.0002922889,0.00006081354,0.00002525267],"category_scores_gemma":[0.0000391122,0.0001049098,0.00004778049,0.0005185352,0.00007400425,0.0006724547,0.0001324579,0.00009069829,0.00001048462],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0001114788,"about_ca_system_score_gemma":0.00008857636,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0001924078,"about_ca_topic_score_gemma":0.00004436931,"domain_scores_codex":[0.9988039,0.00007461012,0.0004352574,0.0002427088,0.0001919632,0.0002515991],"domain_scores_gemma":[0.9990928,0.00008968744,0.0001367862,0.0005099255,0.00009989139,0.00007089436],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[9.904145e-7,0.0002380112,0.0171046,0.00005429699,0.0000156991,2.939079e-7,0.003265922,0.004807907,0.1146073,0.8560212,0.0002429595,0.003640818],"study_design_scores_gemma":[0.0001474704,0.000007100811,0.003055544,0.00001208871,0.000003777377,0.000007876539,0.0003707803,0.9668409,0.02817179,0.0006225556,0.0006090523,0.0001511306],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.4102955,0.00007088512,0.5873477,0.00007867721,0.00005432346,0.0003283369,0.000002372823,0.0006248471,0.001197353],"genre_scores_gemma":[0.8165149,0.000001774239,0.1832969,0.00004757167,0.00005035472,0.00006091979,0.000003924882,0.00000560368,0.00001804495],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.9620329,"threshold_uncertainty_score":0.4278097,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2767683523","doi":"10.23919/fmcad.2017.8102241","title":"Z3str3: A String Solver with Theory-aware Heuristics","year":2017,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":96,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Waterloo","funders":"","keywords":"DPLL algorithm; Computer science; Heuristics; Theoretical computer science; Solver; Heuristic; Predicate abstraction; Branching (polymer chemistry); Algorithm; Discrete mathematics; Mathematics; Programming language; Model checking; Artificial intelligence","retraction":null,"screen_n_in":null,"score":{"opus":0.01630989012560282,"gpt":0.2551499276010801,"spread":0.2388400374754773,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0002801835,0.0001029083,0.0001053818,0.00003004301,0.0004562142,0.000657869,0.001478029,0.00003483265,0.00006519803],"category_scores_gemma":[0.00006522115,0.00007748101,0.00002507033,0.00004641778,0.0001380693,0.0005191057,0.0003921554,0.0001104002,0.00009633134],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00002107157,"about_ca_system_score_gemma":0.00006248559,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00004081888,"about_ca_topic_score_gemma":0.00004021762,"domain_scores_codex":[0.9991319,0.00002823807,0.0001166765,0.0003037643,0.0002240085,0.0001953903],"domain_scores_gemma":[0.9979138,0.0001202316,0.00009789597,0.001681988,0.0001108576,0.00007525438],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"theoretical_or_conceptual","study_design_scores_codex":[0.000003373126,0.00001984987,0.001785135,0.000007469067,0.000007377968,0.000003510533,0.0003615461,0.00001209255,0.00002011451,0.9914078,0.0005765878,0.005795188],"study_design_scores_gemma":[0.002489517,0.0003598747,0.0393596,0.0001144942,0.00003594902,0.00009323906,0.001256617,0.09719016,0.0260663,0.7493377,0.08194225,0.001754323],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":"theoretical_or_conceptual","genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.01866372,0.000009474679,0.9543452,0.001157492,0.00007078096,0.0001309385,0.000002577845,0.0002258667,0.02539396],"genre_scores_gemma":[0.9654486,0.00000197731,0.03202904,0.0002015154,0.0000527052,0.00002086959,6.443665e-7,0.000007254949,0.002237369],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.9467849,"threshold_uncertainty_score":0.6343846,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2048297044","doi":"10.1109/issre.2011.28","title":"JavaScript Errors in the Wild: An Empirical Study","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":68,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of British Columbia","funders":"","keywords":"JavaScript; Unobtrusive JavaScript; Computer science; Web application; Empirical research; Code (set theory); Rich Internet application; Programming language; World Wide Web","retraction":null,"screen_n_in":null,"score":{"opus":0.09604654733109515,"gpt":0.33102255244868,"spread":0.2349760051175848,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0009418306,0.00008525475,0.00009164442,0.00007165212,0.00006966031,0.0000841693,0.001650307,0.00002883244,0.00007850489],"category_scores_gemma":[0.00002445626,0.00005403976,0.0000238955,0.0004113177,0.00005158938,0.0004843969,0.000157927,0.000142263,0.0001014174],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00001643686,"about_ca_system_score_gemma":0.00003285074,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0006278676,"about_ca_topic_score_gemma":0.000839388,"domain_scores_codex":[0.9987178,0.0003089013,0.0001977232,0.0003267637,0.0002749677,0.0001738007],"domain_scores_gemma":[0.9987421,0.00006984278,0.00002683268,0.001078342,0.00003491166,0.00004797603],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"qualitative","study_design_gemma":"observational","study_design_scores_codex":[0.000007400543,0.003381951,0.3367921,0.000003545938,0.000009697211,0.00001654881,0.4157843,0.000004241042,0.00001963623,0.2302831,0.006030034,0.007667436],"study_design_scores_gemma":[0.0005443228,0.0006090208,0.8981445,0.000001868097,0.000004467655,0.00001605795,0.03887007,0.007462474,0.0002130858,0.0419476,0.01188135,0.000305179],"study_design_candidate":"observational","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.9465494,0.000008800589,0.02953006,0.001327517,0.00007444587,0.0004484552,2.506499e-7,0.0001571065,0.02190393],"genre_scores_gemma":[0.9895306,3.014672e-7,0.008293802,0.001924623,0.00001972249,0.00009236396,2.851435e-7,0.000003649634,0.00013469],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.5613524,"threshold_uncertainty_score":0.3066709,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2101417205","doi":"10.1109/qsic.2008.33","title":"MUSIC: Mutation-based SQL Injection Vulnerability Checking","year":2008,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":67,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"Computer science; SQL injection; SQL; Secure coding; Web application; Source code; Test case; Java; Programming language; Coding (social sciences); Mutation; Unit testing; Database; Software engineering; Operating system; World Wide Web; Query by Example; Software; Search engine; Machine learning","retraction":null,"screen_n_in":null,"score":{"opus":0.04054912552352494,"gpt":0.2635980593103109,"spread":0.2230489337867859,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0004629411,0.0001389791,0.0001434404,0.000122425,0.0003930778,0.00008836376,0.000519935,0.0000703142,0.0001927932],"category_scores_gemma":[0.0001559831,0.0001350506,0.00007529979,0.0006138394,0.0001281996,0.0005932561,0.00008586112,0.0001695735,0.0001567175],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0001181497,"about_ca_system_score_gemma":0.0001874962,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0002675315,"about_ca_topic_score_gemma":0.00005967826,"domain_scores_codex":[0.9984605,0.0001240408,0.0003109485,0.0005029826,0.0003727096,0.0002287995],"domain_scores_gemma":[0.9984909,0.0002927626,0.00008957729,0.0008104435,0.0002280042,0.00008829814],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00004828194,0.001665151,0.06409369,0.0002044763,0.00006486207,0.00005619587,0.02614292,0.0383593,0.007091362,0.7634957,0.01811069,0.08066732],"study_design_scores_gemma":[0.001572396,0.0002747822,0.1004242,0.00001803189,0.000009272032,0.0002207922,0.0004016775,0.7590403,0.07667644,0.04453052,0.01573027,0.001101289],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.3213617,0.00001189627,0.6697427,0.0009018791,0.0001620477,0.0002081844,9.646729e-7,0.0005940563,0.007016536],"genre_scores_gemma":[0.9550187,6.172623e-7,0.0434962,0.0009772504,0.0000760234,0.00009352058,0.000005304413,0.000008241778,0.0003241651],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.720681,"threshold_uncertainty_score":0.5507205,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2057718232","doi":"10.1145/1455770.1455783","title":"SOMA","year":2008,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":57,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Carleton University","funders":"","keywords":"Computer science; Server; Cross-site scripting; Soma; Web server; Overhead (engineering); Scripting language; Computer security; Key (lock); World Wide Web; Web application security; Web page; The Internet; Web development; Operating system","retraction":null,"screen_n_in":null,"score":{"opus":0.0241689332405172,"gpt":0.2214768913384473,"spread":0.1973079580979301,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.00004736374,0.00003200873,0.00003654748,0.00002222905,0.00007348022,0.00001587949,0.0003870744,0.00001351361,0.00007776471],"category_scores_gemma":[0.000009442128,0.00002795225,0.00001672903,0.0001186921,0.00003370714,0.0002066403,0.00008395625,0.00003005128,0.0005967991],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00000777294,"about_ca_system_score_gemma":0.0000251997,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00001390449,"about_ca_topic_score_gemma":0.000001695608,"domain_scores_codex":[0.9996134,0.00001074572,0.00006393283,0.0001276143,0.0001043845,0.0000799408],"domain_scores_gemma":[0.9995273,0.00003350963,0.00001056989,0.0003669391,0.00002862499,0.00003310529],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"not_applicable","study_design_scores_codex":[1.424827e-7,0.00001754589,0.0006645669,8.485052e-7,0.000001018519,0.000002114205,0.0006722632,0.000003007561,0.000288635,0.9855891,0.01059546,0.00216531],"study_design_scores_gemma":[0.0005033042,0.00006762853,0.04180192,0.000002481574,0.000001057839,0.0003363256,0.0001037696,0.01791188,0.07438295,0.2182378,0.6461475,0.0005033215],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.1611209,0.00002721401,0.7011418,0.003176057,0.00007073839,0.00006698891,1.858089e-7,0.000529584,0.1338666],"genre_scores_gemma":[0.9504313,0.000003057999,0.04550323,0.0007131552,0.00002347706,0.00001113797,1.655326e-7,0.000001584263,0.003312893],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7893104,"threshold_uncertainty_score":0.7670845,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2087494106","doi":"10.1145/1858996.1859044","title":"Eliminating navigation errors in web applications via model checking and runtime enforcement of navigation state machines","year":2010,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":57,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Université du Québec à Chicoutimi","funders":"","keywords":"Computer science; State (computer science); Enforcement; Model checking; Runtime verification; Web application; Embedded system; Real-time computing; Formal verification; Operating system; Programming language","retraction":null,"screen_n_in":null,"score":{"opus":0.00976300783914658,"gpt":0.2661886500240832,"spread":0.2564256421849366,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0005969078,0.0001204665,0.0001400419,0.0001365945,0.00009940421,0.00006624911,0.0003450159,0.00005391964,0.00001048552],"category_scores_gemma":[0.0000172692,0.0001214797,0.00002473903,0.000363964,0.00008179254,0.0005755808,0.0001745022,0.0002008529,0.000004680543],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00003025295,"about_ca_system_score_gemma":0.00005306021,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0002319907,"about_ca_topic_score_gemma":0.0001659051,"domain_scores_codex":[0.9987812,0.00002745219,0.0004440625,0.0003277533,0.0002573848,0.0001621463],"domain_scores_gemma":[0.999096,0.00008863171,0.000197074,0.0004185896,0.0001484263,0.00005126268],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.000005274704,0.0001545996,0.003853466,0.0001820346,0.000009910739,3.285159e-7,0.0100442,0.01852775,0.2872989,0.5234724,0.00001245785,0.1564388],"study_design_scores_gemma":[0.0001890962,0.00001135249,0.0006787796,0.0000177098,0.000002264964,0.00000318153,0.00007926182,0.923368,0.02970086,0.04573271,0.00009716928,0.0001196249],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.5771165,0.000008183852,0.4209868,0.000213801,0.000018745,0.0003661023,0.000004224441,0.00007010137,0.001215543],"genre_scores_gemma":[0.9043548,0.000003793693,0.09529906,0.00004081171,0.00001213823,0.0001992394,0.00002272968,0.000007567955,0.00005983037],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.9048402,"threshold_uncertainty_score":0.49538,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2153106208","doi":"10.1109/issre.2010.12","title":"Client-Side Detection of Cross-Site Request Forgery Attacks","year":2010,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":56,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"Computer science; Visibility; Benchmark (surveying); Computer security; Client-side; Test suite; Session (web analytics); Phishing; Focus (optics); Suite; Web page; Matching (statistics); World Wide Web; Test case; The Internet","retraction":null,"screen_n_in":null,"score":{"opus":0.01397473587728289,"gpt":0.2940833901793756,"spread":0.2801086543020927,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0004686073,0.0000922387,0.0001230476,0.00009294228,0.00009500206,0.0001427283,0.0005057241,0.00009108182,0.00004771626],"category_scores_gemma":[0.0001218558,0.00008634217,0.00006563783,0.0002671476,0.0001466944,0.0007063439,0.000174292,0.0002035114,0.0001492853],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00001654543,"about_ca_system_score_gemma":0.0000404328,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0001422114,"about_ca_topic_score_gemma":0.0003624963,"domain_scores_codex":[0.998924,0.00002767314,0.0003152106,0.0003173646,0.0002333888,0.0001823382],"domain_scores_gemma":[0.9985323,0.0001601693,0.0001199261,0.0008773708,0.0002389979,0.00007122083],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"bench_or_experimental","study_design_gemma":"bench_or_experimental","study_design_scores_codex":[0.000007142574,0.00009568885,0.02375355,0.00003342433,0.000007662317,8.686148e-7,0.000787136,0.00001884054,0.6455774,0.302882,0.0003026248,0.02653364],"study_design_scores_gemma":[0.0002448108,0.00005664814,0.06187445,0.000004800046,0.000002646555,0.00001848448,0.00002663732,0.009019506,0.8811553,0.01878271,0.02858907,0.0002249972],"study_design_candidate":"bench_or_experimental","study_design_consensus":"bench_or_experimental","genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.7550624,0.000007748902,0.2341038,0.0002201565,0.0003919667,0.0001231626,0.000002379482,0.0002050137,0.009883388],"genre_scores_gemma":[0.9847305,0.000001798907,0.01420204,0.0001655803,0.00007999808,0.00002771093,0.000001622981,0.000006671009,0.0007840436],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.2840993,"threshold_uncertainty_score":0.3520932,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2150898646","doi":"10.1109/iwsess.2009.5068458","title":"MUTEC: Mutation-based testing of Cross Site Scripting","year":2009,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":55,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"","keywords":"Cross-site scripting; Computer science; JavaScript; Scripting language; Programming language; Set (abstract data type); Test suite; Test script; Test case; Mutation; Web application; Software engineering; Data mining; World Wide Web; Web application security; Web service; Machine learning; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.03075641036596555,"gpt":0.2972830597958762,"spread":0.2665266494299107,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0003640109,0.00008072332,0.000106057,0.00007857514,0.0001024532,0.0001563964,0.0004380464,0.00003212681,0.00001736656],"category_scores_gemma":[0.0003418436,0.00007901255,0.00003499389,0.0005054661,0.00005582471,0.0004124503,0.00004088966,0.00007046948,0.00003028704],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00002243041,"about_ca_system_score_gemma":0.00007633401,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00007921649,"about_ca_topic_score_gemma":0.00000513672,"domain_scores_codex":[0.9990283,0.00003161102,0.0002933683,0.0002508326,0.0002340453,0.0001618813],"domain_scores_gemma":[0.9987085,0.0003522433,0.000123065,0.0004434761,0.0003267148,0.0000459956],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00001045888,0.0004185331,0.05485827,0.0001197924,0.00001205808,0.00001321772,0.005649857,0.02750272,0.0990675,0.6377788,0.0007277256,0.1738411],"study_design_scores_gemma":[0.0004743921,0.0001318324,0.05854865,0.000029593,0.000002666045,0.000008376885,0.00006932444,0.7567388,0.1577903,0.02528381,0.0006648611,0.0002573352],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.4303421,0.00001547894,0.5594921,0.0007202517,0.00003471681,0.000107633,0.000001393261,0.0002744737,0.009011933],"genre_scores_gemma":[0.7658625,4.327743e-8,0.2333621,0.0006480711,0.00001899216,0.000005243654,0.000001340374,0.000002535557,0.00009923506],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7292361,"threshold_uncertainty_score":0.3222038,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2106620684","doi":"10.1109/cse.2009.372","title":"Threat Modeling for CSRF Attacks","year":2009,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":54,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Concordia University of Edmonton","funders":"","keywords":"Computer science; Threat model; Vulnerability (computing); Web application security; Computer security; Vulnerability assessment; Vulnerability management; World Wide Web; Web service; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.03541507962795403,"gpt":0.3001777122192298,"spread":0.2647626325912758,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0001702309,0.00006937156,0.00008207597,0.00003542206,0.00008726542,0.0001061605,0.0005000392,0.0000331642,0.00001260053],"category_scores_gemma":[0.00001822521,0.00006115668,0.00004707211,0.0001059996,0.000009278659,0.0003124059,0.00004111385,0.00004157791,0.00004011581],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0000198164,"about_ca_system_score_gemma":0.00002408595,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000008699376,"about_ca_topic_score_gemma":0.00000343988,"domain_scores_codex":[0.999325,0.000008806403,0.000135302,0.0002528526,0.0001149742,0.0001630743],"domain_scores_gemma":[0.9993213,0.00006006977,0.00001839571,0.0004654698,0.00008754837,0.00004724668],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.000001427561,0.0000237767,0.00001048753,0.000002660923,0.000001527611,8.527758e-8,0.0003324786,0.001743851,0.0002665628,0.978003,0.001783536,0.01783063],"study_design_scores_gemma":[0.0001201649,0.00003381032,0.0000311461,0.000001657342,9.085658e-7,0.000001522461,0.00002437033,0.7857463,0.001605558,0.2090996,0.003250501,0.00008442446],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.01063135,0.00003465451,0.9720789,0.004987342,0.00004365755,0.000217589,7.784728e-7,0.0002960866,0.01170964],"genre_scores_gemma":[0.8244958,0.000001985275,0.1732977,0.001458204,0.00005361642,0.00003282161,0.000001260877,0.00000274805,0.000655914],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.8138644,"threshold_uncertainty_score":0.2493897,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2078389019","doi":"10.1145/2568225.2568257","title":"Vejovis: suggesting fixes for JavaScript faults","year":2014,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":49,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of British Columbia","funders":"Intel Corporation","keywords":"JavaScript; Computer science; Unobtrusive JavaScript; Web application; Programming language; Static analysis; Code (set theory); Operating system; Rich Internet application","retraction":null,"screen_n_in":null,"score":{"opus":0.01224989621327986,"gpt":0.2410811845357947,"spread":0.2288312883225148,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0005379139,0.000092452,0.0001130026,0.00004753606,0.000137248,0.0001170348,0.0006837924,0.00003946309,0.00001546894],"category_scores_gemma":[0.000356421,0.00008320309,0.00005106386,0.0001376888,0.00003410071,0.00031326,0.0001339063,0.00005527883,0.00008922768],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00001789477,"about_ca_system_score_gemma":0.00002536904,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00004319477,"about_ca_topic_score_gemma":0.00001690429,"domain_scores_codex":[0.9990559,0.00004034559,0.0001890618,0.0003359153,0.0001556377,0.0002231375],"domain_scores_gemma":[0.9986382,0.0005398555,0.00005180277,0.0005808152,0.0001225099,0.00006681316],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"not_applicable","study_design_scores_codex":[0.000001362458,0.00002275311,0.000247459,0.00002390448,0.000003837492,6.132559e-8,0.0006797684,0.0000330246,0.0006900801,0.9357291,0.009466393,0.05310222],"study_design_scores_gemma":[0.0005577484,0.0001221127,0.001176015,0.00001473014,0.000004191536,0.000006435728,0.0001510963,0.3927876,0.01738583,0.1171595,0.4702866,0.0003480485],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.01574592,0.00002213696,0.9659136,0.002813536,0.0001670812,0.000237859,0.000001689402,0.0004583053,0.01463988],"genre_scores_gemma":[0.8183779,6.792499e-7,0.17874,0.001100435,0.0001243919,0.000123625,0.000002376514,0.000007347541,0.001523261],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.8185696,"threshold_uncertainty_score":0.3392923,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2092919558","doi":"10.1016/j.cose.2012.02.005","title":"Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures","year":2012,"lang":"en","type":"article","venue":"Computers & Security","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":49,"is_retracted":false,"has_abstract":false,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Dalhousie University; University of British Columbia","funders":"","keywords":"Computer science; Single sign-on; Computer security; Protocol (science); Password; Security analysis; Authentication (law); Scalability; World Wide Web; Database","retraction":null,"screen_n_in":null,"score":{"opus":0.03740046871827278,"gpt":0.3539438400005536,"spread":0.3165433712822808,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["metaepi_narrow"],"consensus_categories":[],"category_scores_codex":[0.004986344,0.0003820523,0.0007136691,0.0003165252,0.0004768476,0.0009687861,0.0005275336,0.000202829,0.00001917112],"category_scores_gemma":[0.0004406334,0.0003640915,0.0001317521,0.0009276709,0.0002610478,0.002849505,0.001107472,0.0004240071,0.00001672365],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0001694263,"about_ca_system_score_gemma":0.0001690698,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00005136096,"about_ca_topic_score_gemma":0.00003923716,"domain_scores_codex":[0.9954667,0.0009618242,0.0008178974,0.0008054037,0.001170717,0.0007774508],"domain_scores_gemma":[0.996558,0.001139665,0.0003384876,0.0009146001,0.0005486974,0.000500578],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"observational","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.0001678857,0.002703786,0.4015856,0.003886707,0.004217268,0.0000795408,0.179025,0.001136799,0.0004025297,0.3685266,0.02946934,0.008798939],"study_design_scores_gemma":[0.0006387564,0.00005652379,0.03797501,0.0000898319,0.0003701817,0.0003594905,0.0003148078,0.9533347,0.00007864409,0.004493237,0.001814936,0.0004738494],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.6606666,0.00116919,0.3327712,0.00253636,0.0003501755,0.001076006,0.00001400626,0.0008377172,0.0005786539],"genre_scores_gemma":[0.9899893,0.00001637631,0.00886463,0.0008278278,0.0001697305,0.00009085816,0.00002150704,0.00001752464,0.000002226828],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.9521979,"threshold_uncertainty_score":0.9998811,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2565985959","doi":"10.1007/s10703-016-0263-6","title":"Z3str2: an efficient solver for strings, regular expressions, and length constraints","year":2016,"lang":"en","type":"article","venue":"Formal Methods in System Design","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":46,"is_retracted":false,"has_abstract":false,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Waterloo","funders":"","keywords":"Regular expression; Computer science; String (physics); Satisfiability modulo theories; Solver; Theoretical computer science; Predicate (mathematical logic); Algorithm; Mathematics; Programming language","retraction":null,"screen_n_in":null,"score":{"opus":0.06174490093142226,"gpt":0.3572660233340219,"spread":0.2955211224025996,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.008315898,0.000188922,0.0003115747,0.000161579,0.000175413,0.0001143188,0.0006605126,0.0001288446,0.000006071574],"category_scores_gemma":[0.0003656279,0.0001334335,0.00005042682,0.0001719551,0.0001679152,0.0006610977,0.000203324,0.00008678102,0.000005071193],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0001573093,"about_ca_system_score_gemma":0.0001114601,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000006271789,"about_ca_topic_score_gemma":5.850794e-7,"domain_scores_codex":[0.9970778,0.001093374,0.0005256706,0.0005564441,0.0002972089,0.0004495676],"domain_scores_gemma":[0.9969903,0.001763349,0.0001791295,0.0007503264,0.0001552478,0.0001617012],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"bench_or_experimental","study_design_scores_codex":[0.00005860302,0.00008582656,0.0001093091,0.0002204308,0.00001569128,0.000003078273,0.002587194,0.000242941,0.03592672,0.6508401,0.0001677239,0.3097424],"study_design_scores_gemma":[0.006578154,0.001034773,0.001578921,0.001762217,0.00003626742,0.0002691229,0.005538046,0.4499734,0.4912397,0.02846519,0.01177097,0.001753248],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"methods","genre_scores_codex":[0.01037351,0.0001142009,0.9876391,0.00009859043,0.0002212763,0.001094247,0.0000138391,0.0001917577,0.0002534682],"genre_scores_gemma":[0.3939109,0.000002064464,0.6057004,0.00001786565,0.00003277419,0.0002941318,3.379983e-7,0.000009357775,0.00003209384],"genre_candidate":"methods","genre_consensus":"methods","teacher_disagreement_score":0.622375,"threshold_uncertainty_score":0.544126,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2024474165","doi":"10.1109/dasc.2011.26","title":"S2XS2: A Server Side Approach to Automatically Detect XSS Attacks","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":44,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"","keywords":"Cross-site scripting; Computer science; Client-side; Server-side; Scripting language; Overhead (engineering); Side channel attack; Dynamic web page; Web application; Computer security; Operating system; Web page; World Wide Web; Web application security; Cryptography","retraction":null,"screen_n_in":null,"score":{"opus":0.04585423571730011,"gpt":0.2523752188025485,"spread":0.2065209830852484,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["insufficient_payload"],"consensus_categories":[],"category_scores_codex":[0.000462693,0.0001621044,0.0001844904,0.0001008353,0.00008853739,0.0001432117,0.001450241,0.00007340522,0.0001360196],"category_scores_gemma":[0.00007822651,0.0001392691,0.00007022673,0.0004658187,0.00005079357,0.0004092885,0.0005083005,0.0001240188,0.001162249],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00004417121,"about_ca_system_score_gemma":0.00006694778,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0001229058,"about_ca_topic_score_gemma":0.000030074,"domain_scores_codex":[0.9983864,0.00008215374,0.0003072272,0.0005363084,0.0003444116,0.0003434638],"domain_scores_gemma":[0.9982433,0.0001002663,0.00004529117,0.001257803,0.0001222194,0.0002311414],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.000005503997,0.0002219764,0.0002666374,0.00004270849,0.00001987712,0.000002152954,0.007866854,0.00002987254,0.0004583468,0.9749823,0.004165072,0.01193867],"study_design_scores_gemma":[0.001833528,0.0007967913,0.1046318,0.00006627796,0.00004296713,0.0001975242,0.001384646,0.3696821,0.1085735,0.3561188,0.05329168,0.003380284],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.03624366,0.000007206501,0.7653784,0.0004527388,0.00005505046,0.0003542265,8.072572e-7,0.0007070865,0.1968008],"genre_scores_gemma":[0.564198,2.790714e-7,0.4334735,0.001267744,0.00002201665,0.0001280766,4.718554e-7,0.000008894322,0.0009010237],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.6188635,"threshold_uncertainty_score":0.9996155,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W1630762513","doi":"","title":"Securing script-based extensibility in web browsers","year":2010,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":43,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Toronto","funders":"","keywords":"Computer science; Scripting language; Extensibility; Web application; World Wide Web; Client-side scripting; JavaScript; Cross-site scripting; Web page; Code (set theory); Web navigation; Programming language; Web application security; Web API; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.01093932889200317,"gpt":0.2439223756451482,"spread":0.2329830467531451,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.00074809,0.0001166628,0.0001352782,0.0001384425,0.00006178529,0.0001350245,0.0008305588,0.0000761089,0.0001421914],"category_scores_gemma":[0.0001455493,0.0001126046,0.00004732522,0.0004225987,0.00009901707,0.0004224152,0.0001623099,0.0003488991,0.0001084285],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00003835775,"about_ca_system_score_gemma":0.0001665871,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0001650148,"about_ca_topic_score_gemma":0.002195996,"domain_scores_codex":[0.9986568,0.00005751862,0.000264963,0.0005083694,0.0002429063,0.0002694192],"domain_scores_gemma":[0.9984225,0.0001592963,0.00004302796,0.001179487,0.00009750481,0.00009818303],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00001050721,0.0003644626,0.03448993,0.00005133152,0.000004566556,0.000009227379,0.001873912,0.000182877,0.1052499,0.8442194,0.001918755,0.01162517],"study_design_scores_gemma":[0.001755082,0.0000631039,0.07935358,0.00002122758,0.000003056523,0.00001408352,0.0003475013,0.6805505,0.1296692,0.06835032,0.03898826,0.0008840382],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.9416341,0.00001025671,0.04417453,0.002647432,0.000293182,0.0002382024,0.000001335932,0.0003845282,0.01061642],"genre_scores_gemma":[0.9522768,3.404187e-7,0.04650389,0.001005791,0.00003126662,0.00004150322,8.819744e-7,0.000006216492,0.0001333305],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.7758691,"threshold_uncertainty_score":0.4591881,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W1475974720","doi":"","title":"Cookies lack integrity: real-world implications","year":2015,"lang":"en","type":"article","venue":"USENIX Security Symposium","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":35,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Huawei Technologies (Canada)","funders":"","keywords":"Computer science; Computer security; Flag (linear algebra); Internet privacy; Session (web analytics); Domain (mathematical analysis); World Wide Web; Isolation (microbiology); Web browser; Domain name; The Internet","retraction":null,"screen_n_in":null,"score":{"opus":0.0671170811442712,"gpt":0.3218760085948079,"spread":0.2547589274505367,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["metaepi_narrow"],"consensus_categories":[],"category_scores_codex":[0.0008841429,0.000326528,0.0003774062,0.0003138466,0.0002428378,0.0005086916,0.001894805,0.0001566186,0.00002443545],"category_scores_gemma":[0.0001385088,0.0003348228,0.0001362223,0.001155665,0.0002468366,0.001070604,0.0006906304,0.0005576173,0.0006528166],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0003048558,"about_ca_system_score_gemma":0.0004153778,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.001092852,"about_ca_topic_score_gemma":0.001189005,"domain_scores_codex":[0.9972196,0.0002435537,0.0005804282,0.0008533873,0.0005741514,0.000528908],"domain_scores_gemma":[0.9962173,0.0003233246,0.0002033485,0.002120062,0.0006441792,0.0004917778],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"theoretical_or_conceptual","study_design_scores_codex":[0.000007069271,0.0001734959,0.003965268,0.00002292089,0.00002010983,0.000003553604,0.007431719,0.00001873082,0.0007336168,0.9510002,0.03636021,0.0002630861],"study_design_scores_gemma":[0.001056385,0.0001497734,0.003608281,0.00003563535,0.00003369363,0.00008404362,0.0008033951,0.007926812,0.01072988,0.5131341,0.4613559,0.001082075],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":"theoretical_or_conceptual","genre_codex":"other","genre_gemma":"empirical","genre_scores_codex":[0.2442958,0.0005005107,0.1110579,0.2024526,0.002692304,0.003069711,0.0002371336,0.006557829,0.4291362],"genre_scores_gemma":[0.9872687,0.00005067146,0.009049076,0.001225541,0.0003049665,0.000217454,0.00003593697,0.00003272357,0.001814925],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7429729,"threshold_uncertainty_score":0.9999104,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2160138611","doi":"10.1109/csmr.2007.16","title":"Automated Protection of PHP Applications Against SQL-injection Attacks","year":2007,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":31,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Polytechnique Montréal","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"SQL injection; Computer science; SQL; Confidentiality; Database; Web application; Relational database; Exploit; Code (set theory); Computer security; Query by Example; World Wide Web; Programming language; Search engine","retraction":null,"screen_n_in":null,"score":{"opus":0.01767341799957494,"gpt":0.2800589472672301,"spread":0.2623855292676552,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0006432788,0.0001022249,0.0001188262,0.0001888249,0.000130938,0.00004824773,0.0004169039,0.00008609828,0.00001393416],"category_scores_gemma":[0.00002665039,0.0001011422,0.00005225172,0.0008918239,0.00006594745,0.0003527597,0.0000889909,0.0001134971,0.00008246451],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00008249663,"about_ca_system_score_gemma":0.00005044621,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00008646506,"about_ca_topic_score_gemma":0.00004271023,"domain_scores_codex":[0.9988111,0.0000369409,0.000377904,0.0003224309,0.0002605745,0.000191088],"domain_scores_gemma":[0.9988074,0.00007669909,0.0001586328,0.0006350119,0.0002569423,0.00006532038],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"bench_or_experimental","study_design_scores_codex":[0.00002202703,0.0006853443,0.001519097,0.0001652455,0.00004833365,9.351674e-7,0.00227359,0.001612327,0.1268607,0.5976993,0.002701021,0.2664121],"study_design_scores_gemma":[0.0009783404,0.0002860093,0.02823567,0.00003234138,0.00001398908,0.00004636153,0.000751634,0.4197097,0.4531255,0.01615812,0.07989016,0.0007721177],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.04249711,0.00001476806,0.9382125,0.0003337647,0.00007351104,0.0007628855,0.000001532675,0.001644744,0.01645924],"genre_scores_gemma":[0.9724048,0.000002465309,0.02685503,0.0001270423,0.00005841422,0.0002261917,0.000004846308,0.000007900213,0.0003132725],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.9299077,"threshold_uncertainty_score":0.4124459,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2019560524","doi":"10.1145/2626371","title":"A Model-Based Approach for Crawling Rich Internet Applications","year":2014,"lang":"en","type":"article","venue":"ACM Transactions on the Web","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":29,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"IBM (Canada); University of Ottawa","funders":"Natural Sciences and Engineering Research Council of Canada; International Business Machines Corporation","keywords":"Crawling; Computer science; Web crawler; The Internet; World Wide Web; Web application; Ajax","retraction":null,"screen_n_in":null,"score":{"opus":0.03621463762361464,"gpt":0.2589408671043987,"spread":0.222726229480784,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0005910315,0.000149098,0.000133096,0.0001108505,0.0003549281,0.0001511658,0.001853816,0.00006876368,0.00001341413],"category_scores_gemma":[0.00004739722,0.0001180779,0.0001208506,0.0003642903,0.00008777255,0.000152473,0.0000168738,0.000213461,0.00004809381],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00004919887,"about_ca_system_score_gemma":0.00007988913,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000006956879,"about_ca_topic_score_gemma":0.000007564899,"domain_scores_codex":[0.9988229,0.00008483668,0.0002288108,0.0004361664,0.0002025253,0.0002247716],"domain_scores_gemma":[0.9970608,0.0009129412,0.00007013353,0.001771719,0.0001192197,0.00006521987],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00003367648,0.0008501007,0.000009657303,0.0001048624,0.00006901826,3.78401e-8,0.001801688,0.3149721,0.004535568,0.6102351,0.001459391,0.06592882],"study_design_scores_gemma":[0.0002343681,0.00003460569,0.000002163267,0.000004340006,0.00001282094,9.870587e-7,0.00004153753,0.9333879,0.01134092,0.04330869,0.01149738,0.0001342805],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.0008318013,0.00001110092,0.9907773,0.00594682,0.00004177668,0.0008788005,0.00001829781,0.0003092545,0.001184882],"genre_scores_gemma":[0.7248763,0.000001564775,0.2708209,0.001018263,0.00003211031,0.002889857,0.00000530897,0.00001374176,0.0003419312],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.7240445,"threshold_uncertainty_score":0.4815077,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2545525312","doi":"10.1109/passat/socialcom.2011.199","title":"An Analysis of Black-Box Web Application Security Scanners against Stored SQL Injection","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":28,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Concordia University of Edmonton","funders":"","keywords":"SQL injection; Computer science; Black box; SQL; Login; Database; Exploit; Web application; Vulnerability (computing); Computer security; World Wide Web; Artificial intelligence; Query by Example","retraction":null,"screen_n_in":null,"score":{"opus":0.01496890538443615,"gpt":0.2513586340762636,"spread":0.2363897286918275,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0005618535,0.0001486104,0.0002770846,0.0005358984,0.00008758644,0.00005274031,0.0009439086,0.0001016102,0.00007027142],"category_scores_gemma":[0.00002107874,0.0001519257,0.0001361359,0.002112882,0.0001675263,0.0007444664,0.0001080774,0.0001124131,0.00003206928],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00009779675,"about_ca_system_score_gemma":0.0000837939,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0008978351,"about_ca_topic_score_gemma":0.000846269,"domain_scores_codex":[0.9983237,0.0001383869,0.0004204314,0.0005752891,0.000348296,0.0001939348],"domain_scores_gemma":[0.9978527,0.00004952778,0.0002385765,0.001418072,0.0003119663,0.0001291542],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00004052262,0.001193643,0.08174551,0.00005552349,0.0005588807,7.445468e-7,0.03507693,0.005228815,0.01835576,0.845979,0.0006366005,0.01112807],"study_design_scores_gemma":[0.0002281613,0.0001193224,0.04734951,0.000002736894,0.000117281,7.571155e-7,0.001476284,0.9227008,0.01681409,0.01045271,0.0004339518,0.0003044573],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.655405,0.000007699039,0.3333151,0.00007379456,0.00004163656,0.0002415803,0.000009842252,0.0002847163,0.0106206],"genre_scores_gemma":[0.9883875,0.000005497743,0.01127123,0.0001605428,0.00002576765,0.00006764859,0.00003268496,0.000008558599,0.00004054028],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.9174719,"threshold_uncertainty_score":0.6195349,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2095804328","doi":"10.1109/compsacw.2011.27","title":"Injecting Comments to Detect JavaScript Code Injection Attacks","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":28,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"JavaScript; Unobtrusive JavaScript; Computer science; Cross-site scripting; Scripting language; Code (set theory); Programming language; Web application; Source code; Redundant code; Rich Internet application; Operating system; Code generation; Key (lock); Web service; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.06320345382442585,"gpt":0.2821957931494312,"spread":0.2189923393250053,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0004371578,0.000125487,0.0001231029,0.0001426257,0.0001751266,0.0001128777,0.000777439,0.00005349177,0.00009666708],"category_scores_gemma":[0.00007754066,0.0001231726,0.00004367603,0.0004717484,0.00002505972,0.0004722502,0.0003844386,0.0001350462,0.000441584],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0000843548,"about_ca_system_score_gemma":0.00002907464,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0006466053,"about_ca_topic_score_gemma":0.0002614099,"domain_scores_codex":[0.9987609,0.00008075403,0.0002545001,0.0004100483,0.0002283988,0.0002654025],"domain_scores_gemma":[0.9989054,0.00007053274,0.00006030512,0.0007174556,0.0001166051,0.0001296906],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"design_other","study_design_gemma":"bench_or_experimental","study_design_scores_codex":[0.00007017405,0.0005513587,0.03567948,0.00009180359,0.000135465,0.00000988771,0.1030662,0.0002138188,0.01372191,0.3783861,0.08318101,0.3848928],"study_design_scores_gemma":[0.001995717,0.002032973,0.07211813,0.00008781085,0.00003052453,0.0002001796,0.004644683,0.03101089,0.5725052,0.09964232,0.2131435,0.002588102],"study_design_candidate":"bench_or_experimental","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.1179723,0.00001028641,0.8452225,0.0005126167,0.0003421693,0.0003122719,0.000001442044,0.0005701653,0.03505626],"genre_scores_gemma":[0.8934625,7.508443e-7,0.1034679,0.002356861,0.00004167373,0.00007902772,6.405921e-7,0.00000991624,0.0005807789],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7754902,"threshold_uncertainty_score":0.5675817,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2100883222","doi":"10.1109/compsac.2009.191","title":"Automatic Testing of Program Security Vulnerabilities","year":2009,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":27,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"Security testing; Computer science; Fuzz testing; Application security; SQL injection; Computer security; Secure coding; Vulnerability (computing); Security bug; Automation; Manual testing; Software security assurance; Software engineering; Information security; Security service; Security information and event management; Cloud computing security; Software; World Wide Web; Engineering; Software development","retraction":null,"screen_n_in":null,"score":{"opus":0.02609552071501577,"gpt":0.290460923118325,"spread":0.2643654024033092,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0005043312,0.0001318461,0.000217809,0.00009045335,0.00008534428,0.0001096942,0.0007945206,0.00005111234,0.00005560227],"category_scores_gemma":[0.0003513043,0.0001173564,0.00005943163,0.0006109451,0.0001037828,0.0004676407,0.0001060327,0.0001251932,0.00002177857],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00003190531,"about_ca_system_score_gemma":0.00008406863,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0000609872,"about_ca_topic_score_gemma":0.000004135549,"domain_scores_codex":[0.998598,0.00008765623,0.0004209628,0.0003199358,0.0003230607,0.0002503412],"domain_scores_gemma":[0.9983452,0.0004187422,0.0001243461,0.0008035655,0.0002325152,0.00007564192],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"theoretical_or_conceptual","study_design_scores_codex":[7.674233e-7,0.0003825949,0.0006068921,0.00006835853,0.000005469223,7.284267e-7,0.002650208,0.00003276835,0.0006238609,0.6423258,0.0005235164,0.3527791],"study_design_scores_gemma":[0.0002709405,0.0005459916,0.007616168,0.00003742247,0.000005172579,0.00001874322,0.0003415016,0.4771083,0.01995511,0.4915022,0.002276024,0.0003223772],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":"theoretical_or_conceptual","genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.8875723,0.00009028506,0.04934667,0.002427669,0.00008827577,0.0008871977,0.000002395781,0.002625014,0.05696023],"genre_scores_gemma":[0.7645614,5.420067e-7,0.2351403,0.0001602646,0.00002178517,0.00004238126,6.546314e-7,0.000003170937,0.00006946473],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.4770755,"threshold_uncertainty_score":0.4785655,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2963961461","doi":"10.20904/281-2037","title":"Analysis of SQL Injection Detection Techniques","year":2017,"lang":"en","type":"article","venue":"Theoretical and Applied Informatics","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":27,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Concordia University","funders":"","keywords":"Computer science; SQL injection; SQL; Database; Programming language; Information retrieval; Query by Example","retraction":null,"screen_n_in":null,"score":{"opus":0.006657630008014876,"gpt":0.2425503700508377,"spread":0.2358927400428228,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0003963819,0.00007578884,0.0001829092,0.0001376244,0.0002198673,0.0001695934,0.0004137696,0.00006343871,0.0000127306],"category_scores_gemma":[0.00004401509,0.00006271923,0.00004198364,0.0001858481,0.0005090114,0.0003012271,0.0002346152,0.00008986902,0.000004922028],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00001062609,"about_ca_system_score_gemma":0.000008246722,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000006174715,"about_ca_topic_score_gemma":0.000001424911,"domain_scores_codex":[0.9993445,0.00001059499,0.0003018818,0.00008324353,0.0001588577,0.0001009477],"domain_scores_gemma":[0.9990039,0.00007707821,0.000208961,0.000608054,0.00005654464,0.0000454201],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"theoretical_or_conceptual","study_design_scores_codex":[0.000004393656,0.00001109747,0.00006152981,0.00001825154,0.00003052392,1.358295e-8,0.0009766953,0.00001806309,0.0004278402,0.936188,0.000003262397,0.06226037],"study_design_scores_gemma":[0.0001923467,0.0001086351,0.004175652,0.000009672612,0.0001675606,0.000004252119,0.0004767247,0.2813359,0.1703867,0.5422835,0.0006127573,0.000246371],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":"theoretical_or_conceptual","genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.242172,0.000002157988,0.7198996,0.0001042093,0.00001760529,0.0001255682,0.000002627146,0.00009793829,0.03757828],"genre_scores_gemma":[0.9847309,0.000008408958,0.01514216,0.00007257525,0.00001254643,0.00002364019,0.00000157616,0.000002162708,0.000006033415],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7425589,"threshold_uncertainty_score":0.2557616,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2615381372","doi":"10.1109/icst.2017.28","title":"JavaScript: The (Un)Covered Parts","year":2017,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":27,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of British Columbia","funders":"","keywords":"JavaScript; Callback; Unobtrusive JavaScript; Computer science; Programming language; Code coverage; Test case; Web application; Code (set theory); Source code; Operating system; Rich Internet application; Database; Software; Set (abstract data type)","retraction":null,"screen_n_in":null,"score":{"opus":0.02628621351525841,"gpt":0.258392586067161,"spread":0.2321063725519026,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["sts"],"consensus_categories":[],"category_scores_codex":[0.0003931602,0.00006957789,0.00006997868,0.00001318614,0.001393883,0.0007373505,0.002864144,0.00002659381,0.0001012882],"category_scores_gemma":[0.00009706517,0.00004403781,0.00004329025,0.00003788785,0.0001268469,0.0005735724,0.001412304,0.00007865274,0.000313087],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00001112392,"about_ca_system_score_gemma":0.00002385509,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0001820434,"about_ca_topic_score_gemma":0.00004775558,"domain_scores_codex":[0.9992399,0.00003651901,0.0001107439,0.0002314075,0.000224537,0.0001569457],"domain_scores_gemma":[0.997259,0.00007963341,0.00007952275,0.002481101,0.00005563808,0.0000451722],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"theoretical_or_conceptual","study_design_scores_codex":[4.594096e-7,0.00001436421,0.0008020721,0.000001459026,0.000005065841,5.802228e-7,0.0009535741,0.000001893143,0.00006169546,0.971777,0.01083421,0.01554761],"study_design_scores_gemma":[0.0003642003,0.00002678062,0.07433712,0.000004808714,0.000004511577,0.00001612352,0.0001430821,0.01386204,0.01083405,0.496293,0.4038329,0.0002813987],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":"theoretical_or_conceptual","genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.06250212,0.0001477321,0.5148285,0.08387703,0.0009406643,0.0005259714,0.000002906756,0.0005388788,0.3366362],"genre_scores_gemma":[0.9901859,0.000004943211,0.004841108,0.001569117,0.00007080997,0.00004083325,2.405075e-7,0.000003432582,0.003283604],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.9276838,"threshold_uncertainty_score":0.9999062,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2111273637","doi":"10.1109/wse.2009.5631226","title":"WAFA: Fine-grained dynamic analysis of web applications","year":2009,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":27,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"","keywords":"Computer science; SQL injection; Parsing; Database; Dynamic web page; Web application; Web application security; SQL; Web page; Data Web; Web modeling; World Wide Web; Web development; Programming language; Query by Example","retraction":null,"screen_n_in":null,"score":{"opus":0.007437130510782364,"gpt":0.2647628234546552,"spread":0.2573256929438729,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.00020646,0.00009341323,0.0002234094,0.000377838,0.00006078987,0.00004535971,0.0008256267,0.00004169749,0.00008338811],"category_scores_gemma":[0.00001863617,0.00008604803,0.0001403685,0.00262804,0.0000474361,0.0001765782,0.00006855682,0.00006219638,0.00003972393],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00003078619,"about_ca_system_score_gemma":0.00005229076,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00001653803,"about_ca_topic_score_gemma":0.0001006328,"domain_scores_codex":[0.9989657,0.00003040136,0.0003088454,0.0003247975,0.0002216451,0.0001485897],"domain_scores_gemma":[0.9985232,0.0001195074,0.00009957795,0.001049904,0.0001474627,0.00006038233],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.000001261634,0.0001566486,0.0002810185,0.000005289551,0.0001118061,1.773411e-7,0.0003274895,0.0004077323,0.008640805,0.9643162,0.0004649683,0.02528661],"study_design_scores_gemma":[0.0003331008,0.00007627447,0.0353763,0.000002971589,0.0001985271,0.000001848981,0.00008986706,0.871977,0.004366446,0.06919388,0.01803376,0.0003500055],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.01993482,0.00005332938,0.9631175,0.004551206,0.00001152882,0.0002362935,0.00001061402,0.0002539608,0.01183077],"genre_scores_gemma":[0.9574671,0.000005862387,0.04137311,0.0003304904,0.000008227823,0.0000601276,0.00001557372,0.000002470801,0.0007370203],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.9375323,"threshold_uncertainty_score":0.3508937,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2139974906","doi":"10.1109/pst.2011.5971962","title":"Extraction and comprehension of moodle's access control model: A case study","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":25,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Polytechnique Montréal","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"Code refactoring; Computer science; Source code; Program comprehension; Software engineering; Source lines of code; Code (set theory); Programming language; Comprehension; Software; Reverse engineering; Simple (philosophy); Software system; Set (abstract data type)","retraction":null,"screen_n_in":null,"score":{"opus":0.09254247991074538,"gpt":0.3311132419528572,"spread":0.2385707620421118,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0002222783,0.00007756957,0.0001356457,0.00007051986,0.00006467827,0.00005419476,0.0002899847,0.0000288312,0.00002838123],"category_scores_gemma":[0.00001010591,0.00006698637,0.00001904051,0.0001172244,0.00004330157,0.0007463559,0.0001713948,0.00006449536,0.000002445852],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.000009133394,"about_ca_system_score_gemma":0.00002060603,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.001102033,"about_ca_topic_score_gemma":0.0001152675,"domain_scores_codex":[0.9992286,0.00006903383,0.0002138878,0.0002547018,0.0001436003,0.00009015731],"domain_scores_gemma":[0.9991882,0.0001018036,0.00008403183,0.0004444649,0.0001285629,0.00005289194],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.0002247872,0.009328026,0.08512652,0.000248218,0.0002630254,0.0007123323,0.1450725,0.004608161,0.009637784,0.5752211,0.0007684242,0.1687891],"study_design_scores_gemma":[0.00128343,0.0002200796,0.01622785,0.000002435072,0.0000182718,0.0004290562,0.002596511,0.964293,0.003085288,0.01164568,0.00002371158,0.0001746632],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.5475665,0.00001059462,0.4507654,0.0000307759,0.00002067619,0.0002686771,6.886635e-7,0.00006266977,0.001274074],"genre_scores_gemma":[0.9860946,0.000001413591,0.01375812,0.0000683705,0.000005113217,0.00003879835,1.131647e-7,0.000003867131,0.00002963148],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.9596848,"threshold_uncertainty_score":0.2731625,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2920590155","doi":"10.1145/3297067.3297096","title":"Detecting Blind Cross-Site Scripting Attacks Using Machine Learning","year":2018,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":24,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Concordia University of Edmonton","funders":"Ministère de l'Économie, de la Science et de l'Innovation - Québec","keywords":"Cross-site scripting; Computer science; Scripting language; Web application; Computer security; World Wide Web; Web server; Server; Web page; Web application security; Operating system; The Internet; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.05213637726759891,"gpt":0.3356718794094752,"spread":0.2835355021418763,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0009752609,0.0001573019,0.0001512985,0.0001343626,0.0008442799,0.0007688163,0.0006433882,0.00007339115,0.0001392277],"category_scores_gemma":[0.0002776325,0.0001546634,0.00005679251,0.0005334974,0.0001592057,0.0008664678,0.0005636796,0.0003142867,0.0002720441],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00007163892,"about_ca_system_score_gemma":0.00004935742,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0004464539,"about_ca_topic_score_gemma":0.0001361997,"domain_scores_codex":[0.9983363,0.0001027685,0.000340719,0.0005339617,0.0002955307,0.0003907227],"domain_scores_gemma":[0.9987418,0.0001677787,0.0001522993,0.0005575367,0.0002833043,0.00009728146],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"observational","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00007239417,0.0001749599,0.4470828,0.0001373585,0.00008438557,0.00001579167,0.03099178,0.004117008,0.3597708,0.07631066,0.0001747091,0.08106738],"study_design_scores_gemma":[0.0004085732,0.00005748176,0.00124507,0.00001547115,0.000003096065,0.00003702347,0.0001167735,0.9282128,0.0609547,0.001008554,0.007671389,0.0002690738],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.5745255,0.00003441155,0.4213073,0.00008739816,0.0001475288,0.00008480986,4.651513e-7,0.0003669923,0.003445602],"genre_scores_gemma":[0.857047,6.827982e-7,0.1416446,0.0002666273,0.0002783144,0.000005644048,9.716092e-7,0.00001490174,0.0007411888],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.9240958,"threshold_uncertainty_score":0.7413713,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W4224278610","doi":"10.18280/rces.090101","title":"A Review on Web Application Vulnerability Assessment and Penetration Testing","year":2022,"lang":"en","type":"review","venue":"Review of Computer Engineering Studies","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":24,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":false,"ca_fund":false,"ca_venue":true,"about_ca":false},"ca_institutions":"","funders":"","keywords":"Vulnerability assessment; Penetration (warfare); Computer science; Web testing; Vulnerability (computing); World Wide Web; Engineering; The Internet; Computer security; Web application security; Psychology; Web development; Operations research; Social psychology","retraction":null,"screen_n_in":null,"score":{"opus":0.08964140158777062,"gpt":0.3897278193972771,"spread":0.3000864178095065,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["metaepi_narrow"],"consensus_categories":[],"category_scores_codex":[0.002496937,0.000587414,0.002853731,0.0001928568,0.0001441447,0.00004605894,0.0009794967,0.00006906631,0.000005709476],"category_scores_gemma":[0.0004319392,0.0005003402,0.0003407615,0.001157974,0.00005749724,0.0001785671,0.0009048491,0.0005728198,0.000006158452],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0003546813,"about_ca_system_score_gemma":0.0002485642,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00000186796,"about_ca_topic_score_gemma":2.217878e-7,"domain_scores_codex":[0.9962996,0.0004485083,0.001542439,0.0009233974,0.0005405897,0.0002454892],"domain_scores_gemma":[0.9953154,0.002009905,0.0009013111,0.0014469,0.0002523647,0.00007413516],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"design_other","study_design_gemma":"not_applicable","study_design_scores_codex":[4.653591e-8,0.00002645964,5.409139e-7,0.4071095,0.00007493045,3.912446e-7,0.00001131057,0.00002824953,7.978061e-8,0.004983447,0.0008137705,0.5869513],"study_design_scores_gemma":[0.00003911745,0.00008036206,0.000006702551,0.2244399,0.000222229,0.00002502454,7.565105e-7,0.005077282,1.09e-7,0.00006211393,0.7697259,0.0003204781],"study_design_candidate":"not_applicable","study_design_consensus":null,"genre_codex":"review","genre_gemma":"review","genre_scores_codex":[2.111614e-7,0.9403701,0.05628544,0.0003101319,0.0002100081,0.0025053,0.00001373624,0.0002288774,0.00007617541],"genre_scores_gemma":[0.000003301309,0.9573713,0.03949833,0.0006137673,0.0001192239,0.002325207,0.00003256816,0.0000333389,0.000002969987],"genre_candidate":"review","genre_consensus":"review","teacher_disagreement_score":0.7689121,"threshold_uncertainty_score":0.9997448,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2111472349","doi":"10.1109/icstw.2010.46","title":"Some Modeling Challenges When Testing Rich Internet Applications for Security","year":2010,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":22,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"IBM (Canada); University of Ottawa","funders":"Center for Advanced Study, University of Illinois at Urbana-Champaign; Natural Sciences and Engineering Research Council of Canada; International Business Machines Corporation","keywords":"Computer science; Ajax; Web application security; Rich Internet application; Server; The Internet; Web application; World Wide Web; Computer security; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.0607596269004923,"gpt":0.2819070359420563,"spread":0.221147409041564,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0005531994,0.000141242,0.0001473272,0.0000851688,0.0001416176,0.0001813178,0.001172396,0.000093402,0.00001328399],"category_scores_gemma":[0.0001452175,0.0001373203,0.00004956176,0.0001325365,0.00004562272,0.0006133855,0.0003076626,0.0002492751,0.00005960187],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00002109191,"about_ca_system_score_gemma":0.0000590213,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00005828801,"about_ca_topic_score_gemma":0.0001055107,"domain_scores_codex":[0.9986912,0.00002191985,0.0002829559,0.0005503775,0.0001806744,0.0002728853],"domain_scores_gemma":[0.9981719,0.0004693711,0.0000738545,0.0008784008,0.0003044824,0.0001019721],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[7.201749e-7,0.00005590982,0.00002531309,0.00003469769,0.000005220321,4.960982e-8,0.001801543,0.00006287305,0.0009343414,0.9824829,0.0002097802,0.01438672],"study_design_scores_gemma":[0.00009493223,0.00001347842,0.000008320583,0.000002431175,0.000002145571,0.000003130642,0.00008777203,0.5203707,0.001392367,0.4652696,0.01263134,0.000123731],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.01637871,0.000214691,0.9720631,0.004415851,0.0001421152,0.0007999773,0.000005087098,0.0006512061,0.005329294],"genre_scores_gemma":[0.7136373,0.000006415347,0.2845069,0.0002488023,0.000321195,0.001088561,0.000003377585,0.00001178826,0.0001756932],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.6972585,"threshold_uncertainty_score":0.5599759,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W1536000481","doi":"10.1007/978-3-642-02658-4_50","title":"Browser-Based Enforcement of Interface Contracts in Web Applications with BeepBeep","year":2009,"lang":"en","type":"book-chapter","venue":"Lecture notes in computer science","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":21,"is_retracted":false,"has_abstract":false,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Université du Québec à Montréal","funders":"","keywords":"Computer science; Ajax; Java applet; XML; Interface (matter); Java; Programming language; Operating system; Web application; JSON; Database; User interface","retraction":null,"screen_n_in":null,"score":{"opus":0.01203293627852415,"gpt":0.2488462742398305,"spread":0.2368133379613064,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["metaepi_narrow"],"consensus_categories":[],"category_scores_codex":[0.000838839,0.0004742717,0.0006204502,0.0009814003,0.0001046441,0.0002317932,0.003207776,0.0002393889,0.00002872697],"category_scores_gemma":[0.00003632714,0.00043492,0.00008427344,0.0009253506,0.0008295778,0.0004398353,0.0004291585,0.0007094375,0.00001597458],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0003966426,"about_ca_system_score_gemma":0.001069706,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00005061946,"about_ca_topic_score_gemma":0.0005389019,"domain_scores_codex":[0.9962657,0.00004071183,0.0007867519,0.001339803,0.00103178,0.0005352196],"domain_scores_gemma":[0.996617,0.0005993912,0.0004793525,0.001788319,0.0003714982,0.0001444805],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"design_other","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00002986419,0.0002166786,0.0001139337,0.0001073214,0.00001296302,0.00001441192,0.001351646,0.2208077,0.0007553616,0.189952,0.00001281394,0.5866253],"study_design_scores_gemma":[0.001657143,0.000818771,0.0002708958,0.001046221,0.00001631831,0.00003388816,0.000001870982,0.7671735,0.02607148,0.1837642,0.01774598,0.00139976],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.0002551707,0.0002966938,0.9915941,0.0009426525,0.0001047981,0.001203759,0.00001071154,0.0001126489,0.005479409],"genre_scores_gemma":[0.7724059,0.00001384093,0.2264337,0.0008613723,0.00007390028,0.00008725748,0.000006602756,0.00002085129,0.00009656986],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.7721507,"threshold_uncertainty_score":0.9998103,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2050396717","doi":"10.1145/2107581.2107584","title":"Testing and assessing web vulnerability scanners for persistent SQL injection attacks","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":21,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Concordia University of Edmonton","funders":"","keywords":"SQL injection; Computer science; Login; Vulnerability (computing); Exploit; SQL; Web application; Cross-site scripting; Testbed; Secure coding; Database; Computer security; Web application security; Web page; World Wide Web; Information security; Software security assurance; Query by Example; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.09539819187917734,"gpt":0.3024152985857622,"spread":0.2070171067065849,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0007844848,0.0001254443,0.0001390505,0.00008018658,0.0003255236,0.0002425077,0.0003130066,0.00006198992,0.00001509662],"category_scores_gemma":[0.0003700659,0.0001198357,0.00006331809,0.0002706783,0.0001139657,0.0008270028,0.0001623643,0.0001077889,0.000004929416],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00007970262,"about_ca_system_score_gemma":0.0000951166,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0002037731,"about_ca_topic_score_gemma":0.00003223278,"domain_scores_codex":[0.9987743,0.00007380267,0.0002461166,0.0005108647,0.0001536623,0.0002412365],"domain_scores_gemma":[0.9986827,0.0004358596,0.00008945438,0.0004444933,0.0002479802,0.00009947984],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"observational","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.0000520501,0.0008846784,0.3741799,0.000662395,0.0001481519,0.000002434555,0.02696781,0.0004478559,0.02343751,0.2615302,0.003391134,0.3082958],"study_design_scores_gemma":[0.001310371,0.0007631399,0.1709344,0.00006149694,0.00004753111,0.0001147923,0.00500955,0.7593433,0.008959611,0.04975722,0.002610148,0.001088508],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.6913475,0.00003212165,0.2898296,0.00040149,0.000166365,0.0004353092,0.000002089131,0.000380448,0.01740498],"genre_scores_gemma":[0.812434,4.551127e-7,0.1871657,0.0001533354,0.00003837878,0.00008869087,7.002867e-7,0.000007003586,0.0001117778],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.7588954,"threshold_uncertainty_score":0.4886758,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2121959582","doi":"10.1109/issre.2011.27","title":"Server Side Detection of Content Sniffing Attacks","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":21,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"Computer science; JavaScript; Upload; Sniffing; Operating system; Computer security; World Wide Web","retraction":null,"screen_n_in":null,"score":{"opus":0.09506084498035064,"gpt":0.2472246332399861,"spread":0.1521637882596354,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0001985124,0.00005794838,0.00008565808,0.00004853891,0.00003437258,0.00001894724,0.0003638085,0.00003161794,0.00006297658],"category_scores_gemma":[0.0000251574,0.00005149789,0.0000402734,0.0001429621,0.00003389102,0.0003153998,0.0001217633,0.00005240812,0.00005872583],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00001835101,"about_ca_system_score_gemma":0.0000159057,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0005614954,"about_ca_topic_score_gemma":0.0001488467,"domain_scores_codex":[0.9993582,0.00003037419,0.0001944128,0.000177674,0.0001363891,0.0001030022],"domain_scores_gemma":[0.9992855,0.00004579961,0.00006961362,0.0004360458,0.0001273137,0.00003578881],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"bench_or_experimental","study_design_scores_codex":[0.00001375693,0.0002065004,0.004685833,0.00005480394,0.0000306996,0.000001590731,0.01127348,0.00001266563,0.1370273,0.7987705,0.0001395122,0.04778335],"study_design_scores_gemma":[0.0001856618,0.00006217304,0.04309873,0.00000637948,0.000002650436,0.00000567295,0.000256746,0.003883451,0.9403844,0.01114892,0.0008431208,0.0001220843],"study_design_candidate":"bench_or_experimental","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.5048785,0.00001566525,0.4825563,0.00008894636,0.00008433264,0.00009918134,2.792923e-7,0.0001268289,0.01214992],"genre_scores_gemma":[0.9854957,0.000001341917,0.01399236,0.0001335401,0.00001182842,0.00001541067,1.52945e-7,0.000003172806,0.0003464694],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.8033571,"threshold_uncertainty_score":0.2100023,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2101198401","doi":"10.1109/dsn.2010.5544951","title":"Data recovery for web applications","year":2010,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":21,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Toronto","funders":"","keywords":"Backup; Undo; Computer science; Data loss; Overhead (engineering); Web application; Data recovery; Vulnerability (computing); System administrator; Database; Web server; Computer security; World Wide Web; Operating system; The Internet","retraction":null,"screen_n_in":null,"score":{"opus":0.04197162548359137,"gpt":0.3091289613369031,"spread":0.2671573358533117,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0003765487,0.00006172522,0.00006677002,0.0000415217,0.000111889,0.0001522827,0.002360431,0.00004500442,0.00006186651],"category_scores_gemma":[0.00006877004,0.000057814,0.00002346802,0.0001668117,0.00004018679,0.0006008971,0.0004693021,0.00009710372,0.0001786858],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.000006051062,"about_ca_system_score_gemma":0.0001019838,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000007642907,"about_ca_topic_score_gemma":0.000138543,"domain_scores_codex":[0.9991936,0.00000847272,0.0001446239,0.0004162961,0.0001027144,0.0001342751],"domain_scores_gemma":[0.9968948,0.0002933197,0.00003934706,0.002626001,0.00008908488,0.00005743892],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"not_applicable","study_design_scores_codex":[5.913409e-7,0.00003146432,0.00002582678,0.000005947885,0.000002889386,1.646875e-8,0.00002019526,7.38066e-7,0.006287182,0.9171223,0.03013523,0.04636762],"study_design_scores_gemma":[0.00008763829,0.000007569404,0.00009757671,3.676198e-7,0.000001511374,0.000002443787,0.000009737371,0.02682175,0.001265898,0.0757264,0.8958951,0.00008406717],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"methods","genre_scores_codex":[0.0009843401,0.00001021121,0.9802886,0.004093229,0.0001589506,0.0005370097,0.0001116174,0.0002968106,0.01351921],"genre_scores_gemma":[0.1833848,0.000004138628,0.8119855,0.00105773,0.0002879918,0.001020351,0.0001074052,0.00001023038,0.002141838],"genre_candidate":"methods","genre_consensus":"methods","teacher_disagreement_score":0.8657598,"threshold_uncertainty_score":0.4386308,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W4406153408","doi":"10.1145/3711816","title":"LLM-Powered Static Binary Taint Analysis","year":2025,"lang":"en","type":"article","venue":"ACM Transactions on Software Engineering and Methodology","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":20,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Waterloo","funders":"Ant Group","keywords":"Taint checking; Computer science; Firmware; Static analysis; Vulnerability (computing); Binary number; Scalability; State (computer science); Computer security; Software; Computer hardware; Operating system; Programming language","retraction":null,"screen_n_in":null,"score":{"opus":0.04508240882382882,"gpt":0.3181407358867413,"spread":0.2730583270629125,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0006817542,0.0001528002,0.0003115371,0.0007027992,0.0001231158,0.00004569585,0.0004669007,0.0001017122,0.00002160245],"category_scores_gemma":[0.0006839765,0.0001580269,0.0001086436,0.001246081,0.00005021356,0.0001171724,0.000027798,0.0002512641,0.000005439373],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00004626853,"about_ca_system_score_gemma":0.00004716675,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00004111612,"about_ca_topic_score_gemma":0.000006769384,"domain_scores_codex":[0.9988005,0.0002237104,0.0002397412,0.0004148266,0.00009743362,0.0002237878],"domain_scores_gemma":[0.9957763,0.003194663,0.00003382371,0.0008588262,0.00006225066,0.00007411557],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"simulation_or_modeling","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00006107063,0.0004472359,0.0007617616,0.0003650429,0.002414963,0.0000172391,0.00538393,0.5014724,0.002679808,0.1163426,0.0002577319,0.3697962],"study_design_scores_gemma":[0.003770433,0.001341,0.05786921,0.000213092,0.002678689,0.0001042422,0.001582195,0.6942698,0.03568679,0.1144211,0.08505499,0.003008402],"study_design_candidate":"simulation_or_modeling","study_design_consensus":"simulation_or_modeling","genre_codex":"methods","genre_gemma":"methods","genre_scores_codex":[0.01800827,0.0002046314,0.9797755,0.001106623,0.0002798432,0.000117312,0.000008608459,0.0004860692,0.00001316261],"genre_scores_gemma":[0.2352722,0.00005052113,0.764065,0.0002816413,0.000007079154,0.00008860539,0.000002823305,0.000006826221,0.0002252897],"genre_candidate":"methods","genre_consensus":"methods","teacher_disagreement_score":0.3667878,"threshold_uncertainty_score":0.6444152,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2532538584","doi":"10.1109/passat/socialcom.2011.58","title":"A Study of the Effectiveness of CSRF Guard","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":20,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Concordia University of Edmonton","funders":"","keywords":"Guard (computer science); Computer science; Computer security; World Wide Web","retraction":null,"screen_n_in":null,"score":{"opus":0.03659824022094937,"gpt":0.2560633732281407,"spread":0.2194651330071913,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0006330392,0.00004361415,0.0001035795,0.00002543758,0.00002210945,0.000004949713,0.0008272036,0.00001453967,0.00001552616],"category_scores_gemma":[0.00003873126,0.00002680514,0.00003264214,0.000242331,0.00005467101,0.00008721582,0.0002755813,0.00003738785,0.000004500665],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.000006911775,"about_ca_system_score_gemma":0.00002381144,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0003419853,"about_ca_topic_score_gemma":0.00003206081,"domain_scores_codex":[0.9992054,0.0002936997,0.0001445717,0.0001332777,0.0001660183,0.00005707997],"domain_scores_gemma":[0.9988387,0.0002257583,0.00006356214,0.000762465,0.00009729497,0.00001222405],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"observational","study_design_scores_codex":[0.00002082665,0.00119491,0.07870059,0.00006571065,0.00003059937,2.663875e-7,0.02267877,0.000009751393,0.003338489,0.8928097,0.00004241121,0.001107962],"study_design_scores_gemma":[0.0004249764,0.0002664885,0.7296448,0.00001239331,0.000005583674,0.000001382586,0.001321905,0.0001811447,0.2374406,0.03058667,0.00004508899,0.0000690083],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.9615364,0.000004691408,0.02313101,0.00001306217,0.00005131516,0.0004043936,3.492046e-7,0.00002728126,0.01483147],"genre_scores_gemma":[0.9983353,1.21313e-7,0.001570761,0.00001115377,0.000002562861,0.00003768376,1.956663e-8,0.000001838894,0.00004056421],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.862223,"threshold_uncertainty_score":0.1537164,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2130828213","doi":"10.1109/wcre.2012.34","title":"Fast Detection of Access Control Vulnerabilities in PHP Applications","year":2012,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":19,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Polytechnique Montréal","funders":"","keywords":"Computer science; SQL injection; Access control; Secure coding; Scripting language; Scalability; Cross-site scripting; Web application; Computer security; Web application security; Operating system; Information security; World Wide Web; The Internet; Software security assurance; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.02216698525588525,"gpt":0.282508126285177,"spread":0.2603411410292918,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0005770169,0.0001038738,0.0001767717,0.000179146,0.00006231866,0.00006843336,0.0007558956,0.00005882093,0.00004528477],"category_scores_gemma":[0.00004523661,0.00009877712,0.00004684569,0.0005415424,0.00009298982,0.001330502,0.0001419809,0.0001203316,0.00003641797],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00006410365,"about_ca_system_score_gemma":0.00003488652,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0002263674,"about_ca_topic_score_gemma":0.000122124,"domain_scores_codex":[0.998833,0.0001050281,0.0003647939,0.0002291429,0.0002085393,0.0002595047],"domain_scores_gemma":[0.9987357,0.0003231852,0.000104232,0.0006442587,0.0001161532,0.00007648434],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"bench_or_experimental","study_design_scores_codex":[0.00001118559,0.0005325538,0.04292475,0.00009604052,0.00001580892,7.225645e-8,0.003286181,0.0003893857,0.01435004,0.8716688,0.00009128823,0.06663387],"study_design_scores_gemma":[0.003521367,0.0001923646,0.2516522,0.00003591131,0.00002715282,0.00002753461,0.002873451,0.05618804,0.5193051,0.1147906,0.0500285,0.001357747],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.06904943,0.0001279992,0.92343,0.0004248563,0.00007889303,0.0005553737,0.000004546657,0.0001439072,0.006185029],"genre_scores_gemma":[0.9955202,0.000004477101,0.003377987,0.0001607446,0.00007215252,0.0007234842,0.000001085876,0.000006128641,0.0001336975],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.9264708,"threshold_uncertainty_score":0.4028014,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2130537748","doi":"10.1109/cit.2011.103","title":"Effective SQL Injection Attack Reconstruction Using Network Recording","year":2011,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":17,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Athabasca University","funders":"","keywords":"Computer security; SQL injection; Computer science; Web application; Web application security; Order (exchange); Confidentiality; Security awareness; Web service; Internet privacy; World Wide Web; Information security; Web development; Business","retraction":null,"screen_n_in":null,"score":{"opus":0.053542543402265,"gpt":0.2709699289561927,"spread":0.2174273855539277,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0004684301,0.0001123521,0.0001268024,0.00008363192,0.0002229021,0.0000828335,0.0002832484,0.00007344094,0.0001033014],"category_scores_gemma":[0.00003401553,0.0001123174,0.00005238465,0.0005025079,0.00005304469,0.0008922316,0.0001307207,0.0001388403,0.00007360805],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0001277831,"about_ca_system_score_gemma":0.000030968,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0003841673,"about_ca_topic_score_gemma":0.00004177343,"domain_scores_codex":[0.9989157,0.0001402201,0.0002168957,0.0003796743,0.0001202512,0.0002272892],"domain_scores_gemma":[0.9991938,0.0001082979,0.0001105271,0.0004169598,0.0001128844,0.00005751925],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"design_other","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00003844465,0.0001120872,0.03728599,0.00004597847,0.00007949615,0.000003295826,0.00633452,0.003279647,0.001678863,0.3847714,0.002735308,0.563635],"study_design_scores_gemma":[0.0008351425,0.0004891955,0.02572703,0.0001311744,0.00003612387,0.000943259,0.0009084408,0.6943734,0.02730141,0.243572,0.004429305,0.001253533],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.2639174,0.0000171969,0.7171321,0.0000401867,0.0008527464,0.0002765747,2.105675e-7,0.0003383126,0.01742521],"genre_scores_gemma":[0.7855069,0.000002272856,0.2140181,0.00009466533,0.0002235759,0.00004056685,3.9229e-7,0.000008027152,0.000105475],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.6910937,"threshold_uncertainty_score":0.4580172,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2043780253","doi":"10.1007/s10664-010-9131-y","title":"An empirical investigation into open source web applications’ implementation vulnerabilities","year":2010,"lang":"en","type":"article","venue":"Empirical Software Engineering","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":16,"is_retracted":false,"has_abstract":false,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Alberta","funders":"","keywords":"Open source; Computer science; World Wide Web; Web application; Empirical research; Computer security; Operating system; Software","retraction":null,"screen_n_in":null,"score":{"opus":0.02216853955675353,"gpt":0.3347690496519468,"spread":0.3126005100951932,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["metaepi_narrow"],"consensus_categories":[],"category_scores_codex":[0.0008585892,0.0002979916,0.0002778758,0.000194672,0.000352974,0.0008465758,0.002127473,0.0001832484,0.0001168889],"category_scores_gemma":[0.0003298957,0.000311907,0.00007377767,0.0008089771,0.0001098496,0.001861982,0.0006077616,0.0006157208,0.00009070307],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0001431747,"about_ca_system_score_gemma":0.0002615708,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0002258704,"about_ca_topic_score_gemma":0.000110805,"domain_scores_codex":[0.9975877,0.0001168162,0.0005690526,0.0008401142,0.0004605084,0.0004258377],"domain_scores_gemma":[0.9973711,0.000607738,0.000121971,0.00129538,0.0002053506,0.0003984786],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"observational","study_design_gemma":"not_applicable","study_design_scores_codex":[0.00001917529,0.0006005758,0.7502812,0.0003262153,0.00008900838,0.000004456469,0.02988805,0.01045032,0.04075719,0.05663037,0.01226443,0.09868907],"study_design_scores_gemma":[0.001664608,0.0003419522,0.1555568,0.0000304362,0.00003351069,0.00004894076,0.001099603,0.1458346,0.03023854,0.04594379,0.6169504,0.002256825],"study_design_candidate":"observational","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.3910864,0.00001247009,0.6051014,0.001949145,0.0001592934,0.0006358629,0.000005669501,0.001024402,0.00002536717],"genre_scores_gemma":[0.7162197,0.000001405508,0.2813485,0.0008347515,0.0002928216,0.001135759,0.00006523751,0.00004037051,0.00006153785],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.604686,"threshold_uncertainty_score":0.9999333,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W4403636726","doi":"10.1145/3697253.3697271","title":"StarQUIC: Tuning Congestion Control Algorithms for QUIC over LEO Satellite Networks","year":2024,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":15,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Victoria; University of Toronto","funders":"","keywords":"Computer science; Network congestion; Satellite; Computer network; Algorithm; Engineering; Aerospace engineering","retraction":null,"screen_n_in":null,"score":{"opus":0.02113063797500468,"gpt":0.2868674820152841,"spread":0.2657368440402794,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0006548624,0.0001569668,0.0001737532,0.0001005659,0.0001176163,0.0006174765,0.0004491555,0.00009368122,0.00005523698],"category_scores_gemma":[0.00003450103,0.000140446,0.00009529553,0.0003111433,0.00006091782,0.000648003,0.00008047568,0.0001646663,0.00005480647],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00007632751,"about_ca_system_score_gemma":0.00007250829,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00004679855,"about_ca_topic_score_gemma":0.00002286968,"domain_scores_codex":[0.9985868,0.00006074159,0.0002859511,0.0005202656,0.0002166615,0.0003295587],"domain_scores_gemma":[0.9984874,0.0007944647,0.00004109529,0.0004659414,0.0001171819,0.00009393621],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.000009095148,0.00002473684,0.00009141962,0.00005016518,0.00003956652,0.000002672318,0.0005675105,0.001735588,0.0003670439,0.839429,0.003018949,0.1546643],"study_design_scores_gemma":[0.0003061462,0.00005430858,0.000424388,0.00002306923,0.000009562692,0.000005249737,0.00003510543,0.8722014,0.0001846395,0.01353545,0.1130441,0.0001766155],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.001288392,0.001931611,0.9910813,0.002426205,0.0006342896,0.0005588427,0.000008923163,0.0008041207,0.001266301],"genre_scores_gemma":[0.9568096,0.00006770454,0.0398333,0.001071819,0.0003974032,0.0002760401,0.00001516974,0.00002217039,0.001506769],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.9555212,"threshold_uncertainty_score":0.595434,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2046529117","doi":"10.1109/iceccs.2013.36","title":"Protecting Web Browser Extensions from JavaScript Injection Attacks","year":2013,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":15,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":true,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"Natural Sciences and Engineering Research Council of Canada","keywords":"JavaScript; Computer science; Unobtrusive JavaScript; Computer security; Web application; Cross-site scripting; Web browser; Client-side scripting; Exploit; Backward compatibility; False positive paradox; Code (set theory); Web page; Web application security; Operating system; World Wide Web; Set (abstract data type); Rich Internet application; Programming language; The Internet; Web navigation; Web API; Web development","retraction":null,"screen_n_in":null,"score":{"opus":0.01593034817214993,"gpt":0.2269103230495213,"spread":0.2109799748773714,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["insufficient_payload"],"consensus_categories":[],"category_scores_codex":[0.0002320701,0.0001263562,0.0001286123,0.0000829115,0.00027223,0.0003399632,0.0005353235,0.00007777503,0.0005965463],"category_scores_gemma":[0.0001395473,0.0001117075,0.00005421673,0.0003300632,0.00004164173,0.001033278,0.000273607,0.0002533029,0.00166485],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00004878309,"about_ca_system_score_gemma":0.00005470032,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.002738977,"about_ca_topic_score_gemma":0.0001349329,"domain_scores_codex":[0.9986793,0.0001123643,0.0002531699,0.0004697055,0.0002497443,0.0002357231],"domain_scores_gemma":[0.9985957,0.0001869663,0.00007208841,0.0008176564,0.0002292307,0.00009842849],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"bench_or_experimental","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.000008156703,0.000552523,0.0100529,0.00005007024,0.0001117786,0.000004325267,0.01387622,0.0004659482,0.3422583,0.2398356,0.191016,0.2017681],"study_design_scores_gemma":[0.001172108,0.0002322636,0.05584631,0.0000677948,0.00001656207,0.00005932908,0.003374167,0.579678,0.07464667,0.1836762,0.09980408,0.001426449],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.527806,0.00004248409,0.4521063,0.003874563,0.0003610919,0.0007951111,0.000001883604,0.0009634136,0.01404915],"genre_scores_gemma":[0.9446195,0.000001681405,0.05210826,0.0009618411,0.0001235524,0.0003387278,0.000002300719,0.00001053082,0.001833619],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.5792121,"threshold_uncertainty_score":0.9991125,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2022941584","doi":"10.1145/1557626.1557643","title":"A verification framework for access control in dynamic web applications","year":2009,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":14,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"","keywords":"Computer science; Web application security; Access control; Role-based access control; Dynamic web page; Web modeling; Web application; Process (computing); Web engineering; Web service; Software engineering; Computer security; World Wide Web; Web development; Operating system","retraction":null,"screen_n_in":null,"score":{"opus":0.01663174061730677,"gpt":0.3302455407455204,"spread":0.3136138001282136,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0002779318,0.00009613793,0.0001306819,0.0001281809,0.00008214782,0.000220964,0.001116094,0.00008226244,0.00001287019],"category_scores_gemma":[0.00005820993,0.00009750415,0.00004354077,0.0005369974,0.00002671727,0.0005109094,0.0000339852,0.0001103935,0.000036445],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00007786169,"about_ca_system_score_gemma":0.00007651877,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000007088852,"about_ca_topic_score_gemma":0.00002783304,"domain_scores_codex":[0.9989769,0.00003160652,0.0002654115,0.000393254,0.000133241,0.0001995582],"domain_scores_gemma":[0.9986672,0.0003331299,0.00007714784,0.0007692583,0.0001006101,0.00005259639],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"theoretical_or_conceptual","study_design_scores_codex":[0.00000415654,0.00008553923,0.0001063255,0.000005716584,0.000001653482,4.458295e-8,0.0001304951,0.0000739462,0.0008644533,0.9755341,0.0001644289,0.02302912],"study_design_scores_gemma":[0.0004420955,0.00003121865,0.005811648,0.000006226677,0.00000225106,9.913334e-7,0.00003028196,0.3002688,0.0003125939,0.6798406,0.01310305,0.0001502392],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":"theoretical_or_conceptual","genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.002103454,0.00005123556,0.9816728,0.01328751,0.00003204754,0.001310018,0.000007541088,0.0002488061,0.001286593],"genre_scores_gemma":[0.8627234,0.000007901595,0.1336943,0.002074173,0.00002721095,0.00139461,0.000006344021,0.000004383557,0.0000677064],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.86062,"threshold_uncertainty_score":0.3976104,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2140339782","doi":"10.1109/icit.2012.6210016","title":"Using TTCN-3 as a modeling language for web penetration testing","year":2012,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":14,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Ottawa","funders":"","keywords":"Computer science; Software engineering; Web application; Web testing; Web application security; Manual testing; White-box testing; Web service; Web development; World Wide Web; Software development; Programming language; Software; Software construction","retraction":null,"screen_n_in":null,"score":{"opus":0.1399565873671311,"gpt":0.3557675824453241,"spread":0.215810995078193,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0004588811,0.00007630092,0.00007392363,0.00005497002,0.0001362515,0.0001241441,0.0002601528,0.00003632591,0.00001391671],"category_scores_gemma":[0.0001866587,0.0000737679,0.00002880874,0.000217319,0.00001022991,0.0008137196,0.00007993801,0.00004933401,0.00002975788],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00004183608,"about_ca_system_score_gemma":0.00006835769,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0001363644,"about_ca_topic_score_gemma":0.000009491269,"domain_scores_codex":[0.9992524,0.00002414383,0.0001631579,0.0001795206,0.0001406697,0.0002401282],"domain_scores_gemma":[0.9993061,0.0001821318,0.00004394416,0.0002963963,0.0001039834,0.0000674749],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.000003719689,0.0001046169,0.001516462,0.00005694021,0.0000101522,2.78414e-7,0.008818751,0.01102983,0.2296387,0.7347401,0.0001491149,0.01393137],"study_design_scores_gemma":[0.0001006029,0.00001137852,0.00002885317,0.000004993043,0.000002675673,0.000009090912,0.0003632166,0.9879525,0.007247888,0.003986537,0.0001886366,0.0001036075],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.3615284,0.00006076693,0.6341699,0.0001057021,0.00005679336,0.000166348,6.958928e-7,0.0001593144,0.003752073],"genre_scores_gemma":[0.6497529,1.498896e-7,0.3498523,0.0001717993,0.0001207422,0.00002885718,0.000001171037,0.000005245823,0.00006685791],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.9769227,"threshold_uncertainty_score":0.3008168,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2181718109","doi":"10.1109/iemcon.2015.7344461","title":"Evaluation of an OAuth 2.0 protocol implementation for web server applications","year":2015,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":13,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Western University","funders":"","keywords":"Computer science; Server; Web server; Protocol (science); Authorization; Web application; Application server; Exploit; Web service; Computer security; World Wide Web; Database; The Internet","retraction":null,"screen_n_in":null,"score":{"opus":0.1438534711366227,"gpt":0.4484205293009574,"spread":0.3045670581643347,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.003250629,0.00007396939,0.00008743686,0.00007377619,0.00005471319,0.00006402475,0.0004552918,0.00003296522,0.00005280063],"category_scores_gemma":[0.00004218471,0.00006973402,0.00003010631,0.000259397,0.00002505029,0.0007213288,0.0000647286,0.00002708825,0.00001630225],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0001047059,"about_ca_system_score_gemma":0.0005826906,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00005123216,"about_ca_topic_score_gemma":0.0001554732,"domain_scores_codex":[0.9984418,0.000149939,0.0003050029,0.0002737388,0.0007129405,0.0001166219],"domain_scores_gemma":[0.9973752,0.00004755153,0.0001488319,0.0006264051,0.001717562,0.00008445314],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.00001049901,0.0002842749,0.0002480344,0.0000541568,0.00001665731,1.058295e-8,0.001871601,0.0004035551,0.002610293,0.7846371,0.002376142,0.2074877],"study_design_scores_gemma":[0.004578483,0.0003743081,0.002103804,0.000004118912,0.00004083104,0.000002059013,0.001713386,0.5147594,0.05017209,0.3621038,0.06386879,0.0002788957],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"protocol","genre_scores_codex":[0.01865129,0.000003002375,0.8148463,0.0006828104,0.00003292994,0.1621199,0.00001843536,0.0002056989,0.003439549],"genre_scores_gemma":[0.4021737,2.89657e-8,0.08784939,0.00008028468,0.00004873866,0.5097699,0.00002908442,0.000006662818,0.00004221014],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.726997,"threshold_uncertainty_score":0.2843671,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W1979605461","doi":"10.1109/sere.2013.30","title":"Confeagle: Automated Analysis of Configuration Vulnerabilities in Web Applications","year":2013,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":12,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Queen's University","funders":"","keywords":"Computer science; Vulnerability (computing); Usability; Web application; Web application security; Computer security; Secure coding; Cross-site scripting; Web server; Denial-of-service attack; Web service; World Wide Web; The Internet; Web development; Software security assurance; Information security; Operating system; Security service","retraction":null,"screen_n_in":null,"score":{"opus":0.01158782755666369,"gpt":0.2622271124417072,"spread":0.2506392848850435,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0003547418,0.0001202654,0.0003194752,0.0006418535,0.00005216197,0.0001254891,0.000614529,0.00007350658,0.0006655683],"category_scores_gemma":[0.00005286933,0.0001139042,0.00008625073,0.002431795,0.0001296519,0.0006352738,0.00008488467,0.00009224445,0.0001269778],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00005379447,"about_ca_system_score_gemma":0.0001080133,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0007039453,"about_ca_topic_score_gemma":0.0004646515,"domain_scores_codex":[0.9984725,0.0001233592,0.0005953237,0.0003681958,0.0002536977,0.0001869976],"domain_scores_gemma":[0.9981455,0.0003966455,0.0001523186,0.00086193,0.0003819143,0.00006167986],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[9.919371e-7,0.00023037,0.005613963,0.0000256951,0.0001137263,9.840358e-8,0.001510329,0.001797725,0.007083067,0.9793451,0.001183246,0.003095684],"study_design_scores_gemma":[0.0002196789,0.00002880376,0.03206252,0.000003543586,0.00003308466,5.474539e-7,0.0006224323,0.9483014,0.006853698,0.009524137,0.002168869,0.0001812914],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.3873386,0.00006864332,0.5665166,0.003149979,0.00004654376,0.001797022,0.00002173874,0.001497601,0.03956324],"genre_scores_gemma":[0.9884993,0.000005741646,0.009876849,0.0001756947,0.000008436245,0.0009900954,0.00002706234,0.000004811557,0.0004120407],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.969821,"threshold_uncertainty_score":0.7287506,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2136944226","doi":"10.1109/issre.2008.11","title":"Resolving JavaScript Vulnerabilities in the Browser Runtime","year":2008,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":12,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Alberta","funders":"","keywords":"JavaScript; Computer science; Unobtrusive JavaScript; Scripting language; Web application; Cross-site scripting; Rich Internet application; Client-side scripting; Malware; Web application security; World Wide Web; The Internet; Dynamic web page; Static analysis; Web page; Computer security; Operating system; Web development; Web API; Programming language","retraction":null,"screen_n_in":null,"score":{"opus":0.02911834255504793,"gpt":0.235798111504104,"spread":0.2066797689490561,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0009326742,0.0001337409,0.0001492822,0.0001128981,0.0002745309,0.0001446096,0.001598731,0.0000521523,0.0001185396],"category_scores_gemma":[0.0001382624,0.0000931394,0.00006281774,0.000539369,0.0001840281,0.0006684492,0.0002182925,0.0002449865,0.000196797],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00004606457,"about_ca_system_score_gemma":0.00007511328,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000439599,"about_ca_topic_score_gemma":0.0001340746,"domain_scores_codex":[0.9983044,0.0002467078,0.0003172844,0.0003874058,0.0004322901,0.0003118608],"domain_scores_gemma":[0.998153,0.0005137879,0.00004340342,0.001172548,0.00007610343,0.00004111456],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"not_applicable","study_design_scores_codex":[0.000003161924,0.000147768,0.007970199,0.00001474095,0.000005872257,0.00001610618,0.03706449,0.0000776941,0.0002804348,0.9135785,0.03951173,0.001329281],"study_design_scores_gemma":[0.001705078,0.0002624197,0.1605713,0.00004440645,0.000007762618,0.000625056,0.01092642,0.04539184,0.008539807,0.1912817,0.5791024,0.001541858],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.7088442,0.0005711758,0.1040464,0.02263363,0.0003330682,0.0008710473,0.000002428223,0.0007235512,0.1619745],"genre_scores_gemma":[0.9790758,0.00001512582,0.0153327,0.002547071,0.00006886495,0.000118094,9.831292e-7,0.000007311796,0.002834042],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.7222968,"threshold_uncertainty_score":0.3798114,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W3124662913","doi":"10.1109/icdis50059.2020.00012","title":"An Analysis of Effectiveness of Black-Box Web Application Scanners in Detection of Stored SQL Injection and Stored XSS Vulnerabilities","year":2020,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":11,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Concordia University of Edmonton","funders":"","keywords":"Cross-site scripting; Computer science; SQL injection; Scripting language; Black box; Web application; Database; JavaScript; SQL; Testbed; World Wide Web; Operating system; Web page; Web application security; Artificial intelligence; Web development; Query by Example","retraction":null,"screen_n_in":null,"score":{"opus":0.009062021449745111,"gpt":0.2501606827558739,"spread":0.2410986613061288,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.001004047,0.0001411235,0.0005156353,0.0005618309,0.00003532734,0.00002058932,0.0003651748,0.0000981164,0.00000409629],"category_scores_gemma":[0.0001003688,0.0001478903,0.00009259562,0.002374676,0.000275104,0.0005113357,0.00008341679,0.0001087241,4.683621e-7],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00009912782,"about_ca_system_score_gemma":0.00007169813,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.001767188,"about_ca_topic_score_gemma":0.0008387174,"domain_scores_codex":[0.9979591,0.0005205664,0.0005672888,0.000509945,0.0003182146,0.000124845],"domain_scores_gemma":[0.9983188,0.0004062467,0.000318079,0.0005626413,0.0003165741,0.00007766553],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"bench_or_experimental","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.0002418438,0.0002958026,0.08417708,0.0008150616,0.0002008239,1.187197e-7,0.01104982,0.05176779,0.8167239,0.02678382,0.00000149997,0.007942449],"study_design_scores_gemma":[0.0004863423,0.0003937017,0.1723868,0.00001680662,0.00007495454,4.074533e-7,0.002067817,0.5749432,0.2482964,0.00117511,0.000009207228,0.0001493092],"study_design_candidate":"bench_or_experimental","study_design_consensus":null,"genre_codex":"empirical","genre_gemma":"empirical","genre_scores_codex":[0.6919355,0.00002658166,0.3074985,0.00004212615,0.0000165148,0.0003486921,0.00001100451,0.00005124968,0.0000698255],"genre_scores_gemma":[0.9979424,0.000006822234,0.00192023,0.00001527344,0.00001126045,0.00008076326,0.00001291967,0.000008019227,0.000002312815],"genre_candidate":"empirical","genre_consensus":"empirical","teacher_disagreement_score":0.5684275,"threshold_uncertainty_score":0.6030793,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W4211142584","doi":"10.1109/cns53000.2021.9705049","title":"Securing APIs and Chaos Engineering","year":2021,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":11,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"Toronto Metropolitan University","funders":"","keywords":"Computer security; Computer science; Security through obscurity; Security engineering; Security testing; Cloud computing security; Security service; Authentication (law); Computer security model; CHAOS (operating system); Security information and event management; Cloud computing; Software security assurance; Information security","retraction":null,"screen_n_in":null,"score":{"opus":0.005175417743820499,"gpt":0.1854306198884628,"spread":0.1802552021446423,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.00008076944,0.00005044979,0.00005830983,0.00002641055,0.00003501903,0.0001198366,0.0001500522,0.00001929736,0.00003314408],"category_scores_gemma":[0.00003015053,0.00005208039,0.00001344357,0.0001415506,0.000008964957,0.0002057354,0.0002163913,0.00005377745,0.00002093805],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00001008171,"about_ca_system_score_gemma":0.00001888737,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000006303722,"about_ca_topic_score_gemma":0.000003310555,"domain_scores_codex":[0.9995217,0.000008964503,0.00007751355,0.0002016183,0.0000859572,0.0001043007],"domain_scores_gemma":[0.9995545,0.00006226133,0.000009884656,0.00028683,0.00003837659,0.00004812878],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"bench_or_experimental","study_design_scores_codex":[1.135999e-7,0.0000104111,0.000212082,0.00002464328,0.000004649279,0.000005110658,0.001136389,0.0000564988,0.007769854,0.9853326,0.0001715675,0.005276072],"study_design_scores_gemma":[0.0004641746,0.00002251637,0.005761593,0.0000306401,0.000004152906,0.0002043228,0.0003823244,0.4086823,0.4655,0.02224866,0.0961068,0.0005925577],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.1675949,0.0003812502,0.8230023,0.002833323,0.0001070841,0.00006596094,5.598085e-7,0.0003888306,0.005625854],"genre_scores_gemma":[0.9371012,0.00001291875,0.06215587,0.0002463775,0.00003407032,0.00001297266,4.233262e-7,0.000003727368,0.0004323822],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.9630839,"threshold_uncertainty_score":0.2123777,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2587146443","doi":"10.1145/3026724.3026742","title":"Causes and Prevention of SQL Injection Attacks in Web Applications","year":2016,"lang":"en","type":"article","venue":"","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":10,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false},"ca_institutions":"University of Windsor","funders":"","keywords":"SQL injection; Computer science; SQL; Computer security; Web application; Web application security; World Wide Web; Database; Query by Example; Web development; Web page; Search engine","retraction":null,"screen_n_in":null,"score":{"opus":0.01733261551234155,"gpt":0.2804923000057187,"spread":0.2631596844933771,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0001894198,0.00004695619,0.00007146711,0.0001011991,0.00002397233,0.00001757477,0.000162806,0.00003223274,0.00001812037],"category_scores_gemma":[0.00001826646,0.00003486921,0.00001450262,0.000232788,0.00005329273,0.0003346241,0.0000809561,0.00002631983,0.00001374915],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00002477868,"about_ca_system_score_gemma":0.00003667982,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00002976197,"about_ca_topic_score_gemma":0.0002387483,"domain_scores_codex":[0.9994251,0.00003702397,0.0001790039,0.0001942213,0.00009107204,0.00007356906],"domain_scores_gemma":[0.9994848,0.00008895013,0.00005672443,0.0002914251,0.00005440609,0.00002370669],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"theoretical_or_conceptual","study_design_scores_codex":[0.000003652892,0.0001194899,0.02338378,0.00003579454,0.000006108275,9.18057e-8,0.0006315098,0.000007849469,0.03149808,0.806527,0.0005154196,0.1372712],"study_design_scores_gemma":[0.002783156,0.0004527997,0.2374225,0.0001756953,0.00001468302,0.00004239963,0.0006641124,0.00653035,0.1542143,0.5326152,0.06429135,0.0007935081],"study_design_candidate":"theoretical_or_conceptual","study_design_consensus":"theoretical_or_conceptual","genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.2720827,0.00005079847,0.7238365,0.001327549,0.00001878741,0.0003154659,0.000002027523,0.0000845614,0.002281577],"genre_scores_gemma":[0.9920154,0.0000298945,0.007043197,0.00002761585,0.00001254442,0.0001575324,4.105267e-7,0.000002467707,0.0007109627],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7199327,"threshold_uncertainty_score":0.1421925,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null},{"id":"W2063321466","doi":"10.5539/cis.v2n4p137","title":"Developing a Secure Web Application Using OWASP Guidelines","year":2009,"lang":"en","type":"article","venue":"Computer and Information Science","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":10,"is_retracted":false,"has_abstract":true,"routes":{"ca_aff":false,"ca_fund":false,"ca_venue":true,"about_ca":false},"ca_institutions":"","funders":"","keywords":"Computer science; Web application security; Guideline; Web application; Computer security; Secure coding; Trustworthiness; Software engineering; World Wide Web; Web development; Web service; Information security; Software security assurance; Security service","retraction":null,"screen_n_in":null,"score":{"opus":0.04078477196900634,"gpt":0.3193129080276416,"spread":0.2785281360586353,"validation_status":"score_only:v0-immature-baseline"},"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.0008393754,0.000118462,0.0001131353,0.0003256832,0.0004326669,0.0008109156,0.0009050737,0.00003884474,0.000001102628],"category_scores_gemma":[0.00005172353,0.0001086458,0.00002117677,0.001269844,0.0001486104,0.01103808,0.0002671366,0.00007907209,0.00002945992],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00008383041,"about_ca_system_score_gemma":0.0003379911,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.000005215163,"about_ca_topic_score_gemma":3.848282e-7,"domain_scores_codex":[0.9985942,0.00001579715,0.000443369,0.0002685033,0.0004547723,0.0002233522],"domain_scores_gemma":[0.9985469,0.00003022594,0.000162008,0.0004358679,0.0007220486,0.0001029324],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[7.844454e-7,0.000005387375,0.00005967215,0.000009572099,8.349495e-7,7.437652e-8,0.001292338,0.0006360832,0.0008620376,0.800001,0.0002321263,0.1969001],"study_design_scores_gemma":[0.0001373881,0.00002322759,0.002648158,0.00001589762,9.682971e-7,0.00003225329,0.00004439005,0.95868,0.001093174,0.0104546,0.02670156,0.0001684018],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.03319627,0.00003349083,0.9619946,0.003372414,0.0001360652,0.0002046702,0.000001143353,0.0001915032,0.0008698715],"genre_scores_gemma":[0.5812778,0.00001574939,0.4139676,0.004662903,0.00006381777,0.000006783509,0.00000210524,0.000001232017,0.000001999485],"genre_candidate":"methods","genre_consensus":null,"teacher_disagreement_score":0.9580439,"threshold_uncertainty_score":0.800234,"prediction_status":"machine_predicted_unvalidated"},"labels":[],"label_agreement":null}]}