xss – Page 2 – WindowsTechs.com

What is the next layers of defence against cookie stealing if GET parameter is vulnerable to XSS and there is no HttpOnly flag in a website?

Posted on July 12, 2024 by fed

If a GET parameter in a website is vulnerable to XSS and the user input is reflected without any change or escaping or filtering and also HttpOnly is not set for session cookie, is stealing the cookie possible? or there might be more layer… Continue reading What is the next layers of defence against cookie stealing if GET parameter is vulnerable to XSS and there is no HttpOnly flag in a website?→

CVSS 3.0 score for reflected XSS vulnerability in GET parameter [closed]

Posted on July 10, 2024 by user26317030

There is a website that allows searching for content (without need for authentication). It uses GET parameter named "query" to search and it is vulnerable to reflected XSS. What is CVSS 3.0 score in the following scenarios?:

Vul… Continue reading CVSS 3.0 score for reflected XSS vulnerability in GET parameter [closed]→

A web site allows upload of pdf/svg files, can we say it is vulnerable to Stored XSS?

Posted on July 10, 2024 by user26317030

It is possible to have JavaScript code in pdf or svg files. I think JavaScript inside svg runs in almost all browsers and I think JavaScript inside pdf generally always runs in chrome.
So during a pentest we have seen that the website allo… Continue reading A web site allows upload of pdf/svg files, can we say it is vulnerable to Stored XSS?→

Stolen Singaporean Identities Sold on Dark Web Starting at $8

Posted on June 25, 2024 by Deeba Ahmed

Singapore citizens, beware! Cybercriminals are targeting your digital identities and KYC data, starting at just $8, putting users at risk of exploitation. Learn how to protect your data, finances, and reputation with strong passwords, multi-factor auth… Continue reading Stolen Singaporean Identities Sold on Dark Web Starting at $8→

Mailcow Patches Critical XSS and File Overwrite Flaws – Update NOW

Posted on June 24, 2024 by Deeba Ahmed

Mailcow email servers faced critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) allowing potential remote code execution. Update to Mailcow 2024-04 (Moopril Update) to patch the security holes and keep your email server safe. Continue reading Mailcow Patches Critical XSS and File Overwrite Flaws – Update NOW→

SVG XSS – When script tag and on* attributes are filtered

Posted on June 15, 2024 by paj28

I’m looking at an XSS lab that has the tags: script, iframe, object and embed filtered, and all on* attributes are filtered. However, svg is allowed.
Is this exploitable, with no user interaction required? I’m sure I’ve seen other ways to … Continue reading SVG XSS – When script tag and on* attributes are filtered→

XSS against improper character sanitization

Posted on June 9, 2024 by arian_lrd

I have the following code from an XSS challenge and I’ve been told that it’s vulnerable to XSS. And the hint to the question points to https://html.spec.whatwg.org/multipage/parsing.html#tag-open-state
<script>
let input = (new URL(l… Continue reading XSS against improper character sanitization→

Popular WordPress Plugins Leave Millions Open to Backdoor Attacks

Posted on June 3, 2024 by Deeba Ahmed

Fastly researchers discover unauthenticated stored XSS attacks plaguing WordPress Plugins including WP Meta SEO, and the popular WP… Continue reading Popular WordPress Plugins Leave Millions Open to Backdoor Attacks→

Is it a good idea to implement an XSS blocking middleware like cloudflare?

Posted on May 24, 2024 by a_duck

I noticed that whenever someone tries to send XSS data, Cloudflare blocks it.
So I tested it and concluded the pattern.
I want to implement a Regex that detects any XSS pattern and block it.
Note: I already made sure that my client side e… Continue reading Is it a good idea to implement an XSS blocking middleware like cloudflare?→

Running blog under /blog, security considerations

Posted on May 16, 2024 by hyperknot

I’d like to set up a self-hosted Ghost.org blog for a SaaS. I have two options:

example.com/blog
blog.example.com

Everywhere I read they recommend the /blog for SEO. However, I’m concerned about the security considerations of such setup…. Continue reading Running blog under /blog, security considerations→