Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

SQL injection has been getting most of the attention lately, but the average SQL injection attack isn't nearly as sophisticated and difficult to pull off as a well-crafted cross-site scripting (XSS) ...

The high-profile attack that hit the Twitter website early this morning and affected tens to hundreds of thousands of Twitter users serves as a reminder of just how the pervasive but often-dismissed ...

The teen, identified as Pearce Delphin, 17, detected the cross-site scripting (XSS) flaw which allowed JavaScript code to appear as plain text in tweets that could then be launched on the browsers of ...

A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site ...

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw. Hackers part of APT28, a state-backed ...

Cybersecurity experts at Orca Security have identified two critical cross-site scripting (XSS) vulnerabilities in Microsoft Azure services. The flaws, which exploited a weakness in the postMessage ...

Cross-site scripting (XSS) vulnerabilities are almost certainly the most prevalent security bugs found on websites today, and can be exploited by malicious hackers to hijack accounts, steal cookies, ...

Many websites have a WYSIWYG editor. You may not even realise that you are using one, but – if you think about it – chances are that many of the sites that you visit allow you make forum posts, ...

Attackers exploited a vulnerability in a popular video-sharing site to hijack users’ browsers for use in a large-scale distributed denial-of-service attack, according to researchers from Web security ...