Security News

SAP Patches 12 SQL Injection, XSS Vulnerabilities in HANA (Threatpost)
2015-09-29 15:32

SAP patched a dozen holes in its in-memory management system HANA that could have led to SQL injections, cross-site scripting (XSS) errors, and memory corruption vulnerabilities.

Persistent XSS flaw in SharePoint 2013 revealed, patched (Help Net Security)
2015-09-16 11:15

Among the vulnerabilities patched earlier this month by Microsoft is an important one that endangers users of Microsoft SharePoint 2013, a web application platform in the Microsoft Office server suite...

WordPress Patches XSS, Privilege Escalation Vulnerabilities (SecurityWeek)
2015-09-16 10:50

Web Application Firewalls Tested Against XSS Attacks (SecurityWeek)
2015-09-15 17:50

Finding Vulnerabilities in Core WordPress - XSS in shortcode processing (Reddit)
2015-09-15 16:50

Evading All Web-Application Firewalls XSS Filters (Reddit)
2015-09-09 19:50

eBay Fixes XSS Flaw in Subdomain (Threatpost)
2015-09-08 15:41

There was a cross-site scripting vulnerability in an eBay domain that could have allowed an attacker to steal users’ session cookies and take over their accounts. The company has removed the...

Unconfirmed PayPal 0day auth flaw lingers after XSS gets fixed (The Register)
2015-09-04 16:53

Netflix Releases XSS Flaw Discovery Framework (SecurityWeek)
2015-09-03 16:53

PayPal stored XSS vulnerability exposed (Help Net Security)
2015-09-03 14:23

Bitdefender researchers have located a stored XSS vulnerability in PayPal that leaves the e-payment service open for hackers to upload maliciously crafted files, capable of performing attacks on regis...