Security News

LifeLock Patches XSS That Could’ve Led to Phishing (Threatpost)
2015-07-01 15:48

Researchers identified a cross-site scripting vulnerability in a page on the LifeLock website that could allow an attacker to create an authentic-looking login page for the service and harvest...

Stored XSS Flaw Patched in Thycotic Secret Server (Threatpost)
2015-06-25 16:07

Thycotic, a maker of access-control and other security products, has patched a stored cross-site scripting vulnerability in one of its products that could enable an attacker to steal a victim's...

How to Prevent XSS Vulnerabilities in PHP (Reddit)
2015-06-17 00:11

Popular WordPress SEO Plugin Fixes XSS Bug (Threatpost)
2015-06-15 14:00

The Yoast WordPress SEO plugin, which has been downloaded more than 14 million times, has a serious cross-site scripting vulnerability that can allow an attacker to force a vulnerable site to...

XSS flaw exposed in IBM Domino enterprise platform (ZDNet)
2015-06-01 10:11

Synology Fixes XSS, Command Injection Vulnerabilities in NAS Software (SecurityWeek)
2015-05-26 13:11

XSS, CSRF Vulnerabilities identitified in WSO2 Identity Server (Threatpost)
2015-05-13 18:45

A handful of vulnerabilities have been identified in WSO2 Identity Server that could lead to takeover, firewall bypass, and potentially open subsequent internal servers up to further attacks.

WordPress Patches XSS Vulnerability Exploited in the Wild (SecurityWeek)
2015-05-08 13:10

Millions of WordPress websites vulnerable to XSS bug (SC Magazine)
2015-05-07 21:10

Hackers target critical XSS vulnerability in millions of Wordpress sites (ZDNet)
2015-05-07 11:10