Hackaday

Exploit-Me Firefox XSS And SQL Scanning Addon

[youtube=http://www.youtube.com/watch?v=RbL2ptbjoSA&hl=en&rel=0&color1=0x3a3a3a&color2=0x999999] One of the best tools we saw at LayerOne was the Exploit-Me series ...
Threat Post

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

A WordPress reservation plugin has a vulnerability that allows unauthenticated hackers to access reservation data stored by site owners. An easy-to-exploit bug impacting the WordPress plugin ReDi ...
Infosecurity-magazine.com

Winter Vivern: Zero-Day XSS Exploit Targets Roundcube Servers

ESET Research has discovered a significant cybersecurity threat as the Winter Vivern group exploited a zero-day cross-site scripting (XSS) vulnerability in the Roundcube Webmail server. The new ...
Dark Reading

XSS Flaw In TweetDeck Leads To Spread Of Potential Exploits

A cross-site scripting bug in Twitter's TweetDeck tool caused trouble for many users on Wednesday, and potentially opened up many other users to XSS attacks. A researcher tweeted the vulnerability ...
Threat Post

TweetDeck Taken Down in Wake of XSS Attacks

TweetDeck said it temporarily has taken down its services after cross-site scripting exploit code circulated today. TweetDeck services have been disabled for the time being as Twitter tries to get a ...
ZDNet

TikTok patches reflected XSS bug, one-click account takeover exploit

TikTok has patched a reflected XSS security flaw and a bug leading to account takeover impacting the firm's web domain. Reported via the bug bounty platform HackerOne by researcher Muhammed "milly" ...
Dark Reading

Browsers Gone Bad

12:35 PM -- The press covered it, the user community rejoiced, but what does it actually mean that the author of the first cross-site scripting (XSS) virus was prosecuted? The first ever XSS worm was ...