Business Insider

Forbes Exploited: XSS Vulnerabilities Allow Phishers to Hijack Sessions & Steal Logins

Here's another delicious Byte. Ucha Gobejishvili, a Georgian Security Researcher under the handle of longrifle0x, discovered two cross site scripting (XSS) vulnerabilities on the official website of ...
Searchenginejournal.com

WordPress Stored XSS Vulnerability – Update Now

WordPress announced a security update to fix two vulnerabilities that could provide an attacker with the opportunity to stage a full site takeover. Among the two vulnerabilities, the most serious one ...
ZDNet

Netflix Sleepy Puppy XSS flaw detection tool goes open source

Cross-site scripting is a web application vulnerability which allows attackers to execute arbitrary code client-side in a victim's browser, which can lead to browser session hijacking or the theft of ...
ZDNet

PayPal fixes reflected XSS vulnerability in user wallet currency converter

First disclosed on February 19, 2020, by a bug bounty hunter who goes by the name "Cr33pb0y" on HackerOne, the vulnerability is described as a "reflected XSS and CSP bypass" issue. The bug was found ...
Bleeping Computer

Counter-Strike 2 HTML injection bug exposes players’ IP addresses

Valve has reportedly fixed an HTML injection flaw in CS2 that was heavily abused today to inject images into games and obtain other players' IP addresses. While initially thought to be a more severe ...