Tag: xss
-
Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)
Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country,… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/22/cve-2024-37383-exploited/
-
Roundcube credentials targeted via patched XSS vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/roundcube-credentials-targeted-via-patched-xss-vulnerability
-
Roundcube Webmail Vulnerability Exploited in Government Attack
An XSS vulnerability in Roundcube Webmail has been targeted for code execution against a governmental organization in a CIS country. The post Roundcub… First seen on securityweek.com Jump to article: www.securityweek.com/roundcube-webmail-vulnerability-exploited-in-government-attack/
-
WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks
A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitra… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/wordpress-litespeed-cache-plugin.html
-
XSS attacks possible with LiteSpeed Cache plugin vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/xss-attacks-possible-with-litespeed-cache-plugin-vulnerability
-
Litespeed Cache Plugin Flaw Allows XSS Attack, Update Now
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/litespeed-cache-plugin-flaw-allows/
-
CISA and FBI Issue Alert on XSS Vulnerabilities
Cross-site scripting (XSS) vulnerabilities continue to be a major concern in today’s software landscape, despite being preventable. CISA and FBI have … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/cisa-and-fbi-issue-alert-on-xss-vulnerabilities/
-
CISA Urges Software Makers to Eliminate XSS Flaws
The latest Secure by Design alert from CISA outlines recommended actions security teams should implement to reduce the prevalence of cross-site script… First seen on darkreading.com Jump to article: www.darkreading.com/application-security/cisa-urges-software-makers-eliminate-xss-flaws
-
CISA Issues Advice to Help Eliminate XSS Bugs
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-advice-eliminate-xss-bugs/
-
New federal alert seeks XSS vulnerability remediation
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/new-federal-alert-seeks-xss-vulnerability-remediation
-
New Federal Alert Seeks to Eliminate XSS Flaws
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/new-federal-alert-seeks-to-eliminate-xss-flaws
-
CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities
CISA and the FBI have released an alert on XSS vulnerabilities, urging organizations to adopt a secure by design approach and eliminate them. The post… First seen on securityweek.com Jump to article: www.securityweek.com/cisa-fbi-urge-organizations-to-eliminate-xss-vulnerabilities/
-
CISA urges software devs to weed out XSS vulnerabilities
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-xss-vulnerabilities/
-
Gallup Addresses XSS Bugs in Website
Tags: xssFirst seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/gallup-poll-bugs-open-door-to-election-misinformation
-
Gallup.com Bugs Open Door to Election Misinformation
Researchers flagged a pair of Gallup polling site XSS vulnerabilities that could have allowed malicious actors to execute arbitrary code, access sensi… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/gallup-poll-bugs-open-door-to-election-misinformation
-
Gallup Poll Bugs Open Door to Election Misinformation
Researchers flagged a pair of Gallup polling site XSS vulnerabilities that could have allowed malicious actors to execute arbitrary code, access sensi… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/gallup-poll-bugs-open-door-to-election-misinformation
-
Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data
Researchers warn of flaws in the Roundcube webmail software that could be exploited to steal sensitive information from target accounts. Sonar’s Vulne… First seen on securityaffairs.com Jump to article: securityaffairs.com/166736/hacking/critical-xss-bug-in-roundcube-webmail.html
-
Dangerous XSS Bugs in RedCAP Threaten Academic & Scientific Research
Tags: xssFirst seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/dangerous-xss-bugs-redcap-academic-scientific-research
-
OAuth Vulnerability Exposes 1 Million Websites To XSS Attacks
Despite robust defenses, Cross-Site Scripting (XSS) remains a persistent web vulnerability, as its exploitation has become increasingly challenging. A… First seen on gbhackers.com Jump to article: gbhackers.com/oauth-xss-vulnerability-exposure/
-
XSS and OAuth Combo Threatens Millions of Users Due to Hotjar Flaw
Cybersecurity Experts Uncover Critical Vulnerabilities in Leading Web Analytics Platform Hotjar, Potentially Exposing Sensitive Data of Millions of…… First seen on hackread.com Jump to article: hackread.com/xss-oauth-threatens-millions-hotjar-flaw/
-
1 million HotJar users vulnerable to XSS attacks
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/1-million-hotjar-users-vulnerable-to-xss-attacks
-
Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw
Researchers discovered and published details of an XSS attack that could potentially impact millions of websites around the world. The post Millions o… First seen on securityweek.com Jump to article: www.securityweek.com/millions-of-websites-susceptible-xss-attack-via-oauth-implementation-flaw/
-
Over 1 Million websites are at risk of sensitive information leakage XSS is dead. Long live XSS
Intro Cross-site scripting (aka XSS) has rightfully claimed its place as one of the most popular web vulnerabilities. Since its first emergen… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/over-1-million-websites-are-at-risk-of-sensitive-information-leakage-xss-is-dead-long-live-xss/
-
Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw
Researchers discovered and published details of an XSS attack that could potentially impact millions of websites around the world. The post Millions o… First seen on securityweek.com Jump to article: www.securityweek.com/millions-of-websites-susceptible-xss-attack-via-oauth-implementation-flaw/
-
Netgear warns users to patch auth bypass, XSS router flaws
Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-authentication-bypass-xss-router-flaws/
-
Serious Flaws Fixed in ExpressionEngine CMS
Packet Tide has fixed a group of XSS vulnerabilities and an open HTTP redirection bug in its ExpressionEngine content management system, some of which… First seen on duo.com Jump to article: duo.com/decipher/serious-flaws-fixed-in-expressionengine-cms
-
Lessons Learned From Exposing Unusual XSS Vulnerabilities
Misunderstood browser APIs are often at the core of many web security issues. With the rapid expansion of web APIs, keeping up with security best prac… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/lessons-learned-from-exposing-unusual-xss-vulnerabilities/
-
GrimResource: Windows XSS-Schwachstelle mit .msc-Dateien ausgenutzt
Es gibt eine Schwachstelle in Windows, die es Angreifern ermöglicht, ein System zu infizieren und ein Netzwerk zu durchsuchen. Sicherheitsforscher von… First seen on borncity.com Jump to article: www.borncity.com/blog/2024/07/01/grimresource-windows-xss-schwachstelle-mit-msc-dateien-ausgenutzt/
-
Mailcow Patches Critical XSS and File Overwrite Flaws Update NOW
lcow email servers faced critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) allowing potential remote code execution. Update to Mailcow 2024… First seen on hackread.com Jump to article: hackread.com/mailcow-patches-critical-xss-file-overwrite-flaws/
-
Microsoft Saved Console files, Windows XSS bug leveraged in novel attack
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/microsoft-saved-console-files-windows-xss-bug-leveraged-in-novel-attack