ZDNet

Google tackles XSS scripting flaws with new developer tools

Google has released two new tools for developers looking to protect web domains against XSS scripting security flaws. Cross-site scripting (XSS) is a common security issue web developers face today.
Threat Post

WordPress XSS Bug Allows Drive-By Code Execution

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. A just-patched stored cross-site scripting (XSS) vulnerability in WordPress allowed drive-by remote ...
Business Insider

Forbes Exploited: XSS Vulnerabilities Allow Phishers to Hijack Sessions & Steal Logins

Here's another delicious Byte. Ucha Gobejishvili, a Georgian Security Researcher under the handle of longrifle0x, discovered two cross site scripting (XSS) vulnerabilities on the official website of ...
Infosecurity-magazine.com

XSS and SQL Injection Plague Several NMSes

A slew of cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities that affect several network management system (NMS) products has been uncovered. Security firm Rapid7 has released details ...
TechCrunch

Skype Aware Of XSS Vulnerability In iOS Apps, “Working Hard To Fix” It

If you’re using Skype for iOS on your iPhone or iPod touch, consider yourself warned: a cross-site scripting vulnerability looms in the “Chat Message” window in version 3.0.1 and earlier versions. The ...
Infosecurity-magazine.com

Twitter hit by XSS attack

Twitter acknowledged the attack affecting its website early this morning, issuing a patch for the exploit several hours later. Numerous security vendors confirmed the XSS attack, including Sean-Paul ...
ZDNet

Serious XSS flaw haunts Microsoft SharePoint

Microsoft's security response team has confirmed the existence of a serious cross-site scripting (XSS) vulnerability in the Microsoft SharePoint Server 2007 product. The vulnerability, which can be ...