Open source bugs have soared in the past year
Open source bugs have skyrocketed, according to a report from WhiteSource, with XSS flaws account for a quarter of those bugs. Continue reading Open source bugs have soared in the past year
Category Archives: Cross Site Scripting
XSS plugin vulnerabilities plague WordPress users
Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site. Continue reading XSS plugin vulnerabilities plague WordPress users
Cookie-nabbing app could have served users side helping of XSS
A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks. Continue reading Cookie-nabbing app could have served users side helping of XSS
This WhatsApp Bug Could Have Let Attackers Access Files On Your PCs
A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways… Continue reading This WhatsApp Bug Could Have Let Attackers Access Files On Your PCs
Critical Flaws in Magento e-Commerce Platform Allow Code-Execution
Admins are encouraged to update their websites to stave off attacks from Magecart card-skimmers and others. Continue reading Critical Flaws in Magento e-Commerce Platform Allow Code-Execution
TikTok Riddled With Security Flaws
The video sharing app has fixed several flaws allowing partial account takeover and information exposure. Continue reading TikTok Riddled With Security Flaws
Microsoft Outlook for Android Bug Opens Door to XSS
Successful exploitation allows attackers to steal potentially sensitive information, change appearance of the web page, and perform phishing, spoofing and drive-by-download attacks. Continue reading Microsoft Outlook for Android Bug Opens Door to XSS
Unpatched Bug Under Active Attack Threatens WordPress Sites with XSS
The issue in the Rich Reviews plugin is being actively exploited. Continue reading Unpatched Bug Under Active Attack Threatens WordPress Sites with XSS
No surprises in the top 25 most dangerous software errors
An in-depth study of reported bugs has produced a list of the top 25 bug categories in software today – with some old familiar names topping the list. Continue reading No surprises in the top 25 most dangerous software errors
WordPress XSS Bug Allows Drive-By Code Execution
Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. Continue reading WordPress XSS Bug Allows Drive-By Code Execution