Security News

Web Application Firewalls Tested Against XSS Attacks (SecurityWeek)
2015-09-15 17:50

Finding Vulnerabilities in Core WordPress - XSS in shortcode processing (Reddit)
2015-09-15 16:50

Evading All Web-Application Firewalls XSS Filters (Reddit)
2015-09-09 19:50

eBay Fixes XSS Flaw in Subdomain (Threatpost)
2015-09-08 15:41

There was a cross-site scripting vulnerability in an eBay domain that could have allowed an attacker to steal users’ session cookies and take over their accounts. The company has removed the...

Unconfirmed PayPal 0day auth flaw lingers after XSS gets fixed (The Register)
2015-09-04 16:53

Netflix Releases XSS Flaw Discovery Framework (SecurityWeek)
2015-09-03 16:53

PayPal stored XSS vulnerability exposed (Help Net Security)
2015-09-03 14:23

Bitdefender researchers have located a stored XSS vulnerability in PayPal that leaves the e-payment service open for hackers to upload maliciously crafted files, capable of performing attacks on regis...

Netflix Sleepy Puppy XSS flaw detection tool goes open source (ZDNet)
2015-09-03 13:55

Open source Sleepy Puppy tool finds XSS bugs in target apps and beyond (Help Net Security)
2015-09-03 13:52

Since Monday, security pros can add another XSS-finding tool to their arsenal, as Netflix has open sourced their cross-site scripting payload management framework dubbed "Sleepy Puppy." Sleepy Pupp...

Netflix Sleepy Puppy Awakens XSS Vulnerabilities in Secondary Applications (Threatpost)
2015-09-02 18:21

Netflix released Sleepy Puppy, a cross-site scripting payload management framework, to open source. The tool finds XSS vulnerabilities in secondary applications.