CRN

Twitter Site Update Opened Hole For 'onMouseOver' XSS Attack

The teen, identified as Pearce Delphin, 17, detected the cross-site scripting (XSS) flaw which allowed JavaScript code to appear as plain text in tweets that could then be launched on the browsers of ...
Bleeping Computer

Latest Cross-Site Scripting news

A declassified report from Romania's Intelligence Service says that the country's election infrastructure was targeted by more than 85,000 cyberattacks. Threat actors have been exploiting a ...
Dark Reading

CISA Urges Software Makers to Eliminate XSS Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are urging organizations to focus on eliminating cross-site scripting vulnerabilities in ...
Threat Post

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

The cross-site scripting flaw could enable arbitrary code execution, information disclosure – and even account takeover. A high-severity flaw has been disclosed in TinyMCE, an open-source text editor ...
CSOonline

SQL injection, XSS vulnerabilities continue to plague organizations

Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies. Despite years topping vulnerability lists, ...
CSOonline

Severe Azure HDInsight flaws highlight dangers of cross-site scripting

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...