Threat Post

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

A WordPress reservation plugin has a vulnerability that allows unauthenticated hackers to access reservation data stored by site owners. An easy-to-exploit bug impacting the WordPress plugin ReDi ...
TechNewsWorld

Ridding the Web of the XSS Scourge

Cross-site scripting (XSS)/SQL injection attacks have been blamed for numerous data breaches, perhaps most notably the nightmare of the Heartland Payment Systems data breach. This type of attack has ...
Bleeping Computer

Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents. The phishing scam was first discovered by security research Daniel ...
Dark Reading

Killer Combo: XSS + CSRF

Researchers will demonstrate a lethal combination of cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks tomorrow at Black Hat Europe in Amsterdam. The goal is to show the danger ...
Infosecurity-magazine.com

Winter Vivern: Zero-Day XSS Exploit Targets Roundcube Servers

ESET Research has discovered a significant cybersecurity threat as the Winter Vivern group exploited a zero-day cross-site scripting (XSS) vulnerability in the Roundcube Webmail server. The new ...