{| class="wikitable" style="text-align: left; width: 100%;"
!
! WordPress
! WikkaWiki
|-
| Releases analysed
| Nine
| Six
|-
| Security issue reports analyzed
| 97
| 61
|-
| Vulnerable files (over project's history)
| 26% (85 / 326)
| 29% (44 / 209)
|-
| Average number of hotspots (over project's history)
| 255
| 92
|-
| Average percent of files having at least one hotspot
| 14.2%
| 8.42%
|-
| colspan="3" style="background: #eeeeee" | '''Hypotheses about files'''
|-
| '''H1.''' The more hotspots a file contains per line of code, the more likely it is that the file contains any web application vulnerability.
| True (Logistic Regression, p<0.05)
| True (Logistic Regression, p<0.05)
|-
| '''H2.''' The more hotspots a file contains, the more times that file was changed due to any kind of vulnerability (not just input validation vulnerabilities).
| True (Simple Linear Regression, p<0.0001, Adjusted R<sup>2</sup> = 0.4208)
| True (Simple Linear Regression, p<0.0001, Adjusted R<sup>2</sup> = 0.3802)
|-
| colspan="3" style="background: #eeeeee" | Hypotheses about issue reports
|}