- Security Fixes and Improvements
- By Catalin Cimpanu
- November 18th, 2015
XSS Vulnerability Fixed in the WordPress WooCommerce Plugin
Hard to exploit, but a bountiful bug for hackers
- Security
- By Catalin Cimpanu
- November 9th, 2015
Buggy Analytics Code Exposes NBC, NFL Sites to XSS
ECMAScript 6 exposes sites to new XSS attack vectors
- Security Blog
- By Catalin Cimpanu
- November 3rd, 2015
The Telegraph and Daily Mail Fix XSS Vulnerabilities
A third unauthorized redirect issue is still present
- Security Fixes and Improvements
- By Catalin Cimpanu
- October 31st, 2015
XSS Vulnerability in Mantis Bug Tracker Puts Corporate 0Day Bugs at Risk
Mantis team fixes dangerous reflected XSS flaw
- Security
- By Catalin Cimpanu
- October 30th, 2015
It Took a Security Researcher 2 Minutes to Find an XSS Bug on YouTube Gaming
Researchers receives $3,000 for his efforts from Google
- Security
- By Catalin Cimpanu
- October 17th, 2015
XSS Bug Fixed in Akismet Anti-Spam WordPress Plugin
Automattic also sets up a protection system for older plugin versions, where the admin forget to upgrade it
- Security Blog
- By Catalin Cimpanu
- October 9th, 2015
Security Researcher Disappointed with How an XSS Bug Was Fixed in Drupal 8
Researcher finds reflected XSS bug in Drupal 8
- Security
- By Catalin Cimpanu
- September 17th, 2015
Microsoft Patches XSS Vulnerability in SharePoint 2013
XSS flaw allows remote authenticated users to inject arbitrary scripts or HTML via improperly sanitized input fields
- Security
- By Catalin Cimpanu
- September 3rd, 2015
Netflix Open Sources XSS Flaw Detection System That Works Across Applications
Security experts can now debug broad-ranging XSS bugs
- Security
- By Catalin Cimpanu
- September 2nd, 2015
PayPal XSS Vulnerability Found, Fixed Before Being Exploited
The stored XSS (fixed now) affected Firefox users only
- Security Blog
- By Catalin Cimpanu
- September 2nd, 2015
Infographic: How XSS Attacks Work
6% of the top 1000 websites have been victims of XSS attacks
- Security
- By Catalin Cimpanu
- August 27th, 2015
PayPal Fixes XSS Flaw That Allowed Access to Unencrypted Credit Card Details
White hat hacker earns himself $750 / €665
- Security
- By Ionut Ilascu
- May 18th, 2015
Researcher Reports Vulnerabilities in SoundCloud Service
SoundCloud is sufficiently popular for potential abuse
- Security
- By Ionut Ilascu
- May 7th, 2015
WordPress 4.2.2 Fixes DOM-Based XSS Bug Affecting Millions of Websites
Flaw can be repaired manually, bug is exploited in the wild
- Security
- By Ionut Ilascu
- May 6th, 2015
Millions of WordPress Websites Susceptible to Hijack Attacks
Attacks recorded before the disclosure of the vulnerability
- Security
- By Ionut Ilascu
- February 3rd, 2015
Almost All About.com Links Vulnerable to XSS, XFS Attacks
Researcher created his own tool to test the links
- Security Fixes and Improvements
- By Ionut Ilascu
- January 23rd, 2015
Google Apps Admin Panel Falls for XSS, Issue Researcher Gets $5,000
Glitch allowed password change, disabling 2FA