Vulnerability Analysis of Web Applications in the MERN Stack
Lapins, Vadims; Sälevä, Santtu (2025)
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-2025060621086
Abstract
This thesis examines security vulnerabilities in MERN stack web applications through a systematic analysis of functionality-focused development practices. The objective was to identify common security weaknesses that emerge from following popular resources and to develop practical mitigation strategies for secure MERN stack development. The methodology involved implementing a test application based on readily available guides and popular resources, conducting a comprehensive vulnerability assessment using both automated tools and manual penetration testing, and developing secure implementations that address the identified weaknesses. Key findings revealed that popular resources can systematically introduce security vulnerabilities while claiming to implement secure patterns. The analysis uncovered multiple OWASP Top 10 vulnerabilities, including stored XSS, authentication flaws, and security misconfigurations. The research demonstrates that security must be a parallel process throughout the web development cycle. Practical recommendations include the mandatory use of reliable security resources such as OWASP, and continuous test-mitigate-validate cycles.