Security News

IBM Patches Reflected XSS in Worklight, MobileFirst (Threatpost)
2017-08-02 19:11

IBM fixed a cross-site scripting vulnerability in its Worklight and MobileFirst products that could have let an attacker steal sensitive information.

Most SharePoint Installations Vulnerable to XSS Attacks (Security Week)
2017-06-15 10:43

One of the vulnerabilities patched by Microsoft this week with its monthly security updates is a potentially serious cross-site scripting (XSS) flaw believed to affect most SharePoint 2016...

Verizon Patches XSS Issues in its Messaging Client (Threatpost)
2017-05-22 19:25

Verizon patched late last year persistent- DOM-based cross-site scripting vulnerabilities in its Message+ messaging client that could allow an attacker to control a user's session.

Verizon Messages App Allowed XSS Attacks Over SMS (SecurityWeek)
2017-05-22 14:48

WordPress Fixes CSRF, XSS Bugs, Announces Bug Bounty Program (Threatpost)
2017-05-18 18:17

WordPress fixed six vulnerabilities with version 4.7.5 and announced a bug bounty program with HackerOne this week.

Google's PHP API client has XSS vulnerability (The Register)
2017-05-12 05:18

ColdFusion Hotfix Resolves XSS, Java Deserialization Bugs (Threatpost)
2017-04-25 16:36

Adobe released an important security hotfix for several versions of Coldfusion, resolving two bugs, Tuesday morning.

Splunk Patches Information Theft and XSS Flaws (SecurityWeek)
2017-04-03 13:48

DOM-based XSS in the Wild (Appsec Streetfighter Blog)
2017-03-29 17:48

New Attack Combines Self-XSS and Clickjacking (SecurityWeek)
2017-03-20 15:03