Cross Site Scripting – Page 5

Critical Flaw Reported in Popular Evernote Extension for Chrome Users

Posted on June 13, 2019 by Swati Khandelwal

Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed.

Evernote is a popular service that helps … Continue reading Critical Flaw Reported in Popular Evernote Extension for Chrome Users→

Exploits for Social Warfare WordPress Plugin Reach Critical Mass

Posted on April 23, 2019 by Tara Seals

More and more attacks taking advantage of a XSS and RCE bug in the popular plugin have cropped up in the wild. Continue reading Exploits for Social Warfare WordPress Plugin Reach Critical Mass→

Drupal Releases Core CMS Updates to Patch Several Vulnerabilities

Posted on April 17, 2019 by Swati Khandelwal

Drupal, the popular open-source content management system, has released security updates to address multiple “moderately critical” vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of w… Continue reading Drupal Releases Core CMS Updates to Patch Several Vulnerabilities→

Flaw in popular PDF creation library enabled remote code execution

Posted on March 21, 2019 by Danny Bradbury

A researcher has discovered a high-severity bug in a popular PHP library used for creating PDFs. Continue reading Flaw in popular PDF creation library enabled remote code execution→

WordPress 5.1.1 patches dangerous XSS vulnerability

Posted on March 18, 2019 by John E Dunn

Researchers have offered more detail on a recently patched vulnerability that would allow an attacker to take over a WordPress site. Continue reading WordPress 5.1.1 patches dangerous XSS vulnerability→

Transforming Self-XSS Into Exploitable XSS

Posted on March 14, 2019 by Ziyahan Albeniz

Security researcher Brian Hyde was accepted into Synack Red Teams private bug bounty platform and discovered a Reflected XSS vulnerability in one of their programs. The difficulties he faced in exploiting this Cross-site Scripting (XSS) vulnerability, … Continue reading Transforming Self-XSS Into Exploitable XSS→

Severe Flaw Disclosed In StackStorm DevOps Automation Software

Posted on March 11, 2019 by Mohit Kumar

A security researcher has discovered a severe vulnerability in the popular, open source event-driven platform StackStorm that could allow remote attackers to trick developers into unknowingly execute arbitrary commands on targeted services.

StackStorm… Continue reading Severe Flaw Disclosed In StackStorm DevOps Automation Software→

Hacking Virtual Reality – Researchers Exploit Popular Bigscreen VR App

Posted on February 22, 2019 by Mohit Kumar

A team of cybersecurity researchers from the University of New Haven yesterday released a video demonstrating how vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality… Continue reading Hacking Virtual Reality – Researchers Exploit Popular Bigscreen VR App→

LabKey Vulnerabilities Threaten Medical Research Data

Posted on January 25, 2019 by Tara Seals

LabKey Server version 18.3.0-61806.763, released on January 16, patches all three issues, so users should update as soon as possible. Continue reading LabKey Vulnerabilities Threaten Medical Research Data→

Adobe Issues Unscheduled Updates for Experience Manager Platform

Posted on January 22, 2019 by Lindsey O'Donnell

The patches are part of Adobe’s second unscheduled update this month. Continue reading Adobe Issues Unscheduled Updates for Experience Manager Platform→