WordPress has patched a cross-site scripting vulnerability which otherwise would have resulted in hackers gaining full access to any WordPress website. The security flaw was first spotted by security firm Sucuri. The…
Tag: XSS
Twitter restores TweetDeck after taking it offline following discovery of XSS vulnerability
The vulnerability, which was believed to be patched, isn’t actually fixed and Twitter had to take the extreme step of taking Tweetdeck offline.
eBay riddled with XSS flaws
The perils of eBay continue! After a week of intense drama about security breach, researchers have disclosed information on XSS flaws.
Feedly Android app vulnerable to JavaScript injection
Feedly Android app is vulnerable to JavaScript injection that could not only compromise privacy of millions of users. According to a Singapore based security researcher Jeremy S. Feedly’s Android app fails to…
D-Link 2760N routers marred with reflected, stored XSS flaws
A security researcher has reported a number of reflected and stored XSS flaws in D-Link’s 2760N routers (DSL-2760U-BN) through full disclosure mailing list. Liad Mizrachi, the researcher who revealed the flaws, claimed…
Researcher discovers stored XSS flaw in GMail for iOS, gets $5,000 reward
A security researcher has found a cross site scripting (XSS) flaw in Gmail for iOS app that gets triggered without any user intervention. Roy Castillo, the researcher who found the flaw, notes…
Yahoo pays measly $12.50 for single XSS flaw under its reward program
Security researchers have revealed that Yahoo pays out peltry $12.50 for each cross-site scripting (XSS) flaw that is discovered on one of its domains, no matter how dangerous they can be if…