Security News

Researchers have discovered a serious cross-site scripting (XSS) vulnerability affecting all desktop versions of Edward Snowden’s favourite security application, Signal.

Attacker could skip past developer protections and get nasty Electron developers need to check their apps, after a security researcher turned up a remote code execution bug in the framework.…

Drupal has patched several vulnerabilities – both moderately critical and critical – in two versions of its content management system platform.

One SQL injection and three cross-site scripting (XSS) vulnerabilities have been patched with the release of Joomla 3.8.4 last week. The latest version of the open-source content management system...

Google has warned DoubleClick customers that some of the files provided by third-party vendors through its advertising platform can introduce cross-site scripting (XSS) vulnerabilities. read more

Mozilla this week announced plans to boost the Cross-Site-Scripting (XSS) protections in Firefox by treating data URLs as unique origin. read more

Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin.

IBM fixed a cross-site scripting vulnerability in its Worklight and MobileFirst products that could have let an attacker steal sensitive information.

One of the vulnerabilities patched by Microsoft this week with its monthly security updates is a potentially serious cross-site scripting (XSS) flaw believed to affect most SharePoint 2016...

Verizon patched late last year persistent- DOM-based cross-site scripting vulnerabilities in its Message+ messaging client that could allow an attacker to control a user's session.