Just another persistent Twitter XSS

Written by DP

Monday, 19 July 2010

*UPDATED 20 Jul 2010 : 10:39pm* - A mirror of the now corrected vulnerability has been published. Also, read on an excellent technical blog post by Billy (BK) Rios about another Twitter XSS bug... Romanian security researcher "d3v1l" from Security-Sh3ll, has notified us just a few minutes ago about a persistent XSS that he discovered on Twitter's help center...

YouTube persistent XSS vulnerability

Written by DP

Monday, 5 July 2010

Researchers from a Romanian security team (InSecurityRomania) have revealed a critical persistent cross-site scripting (XSS) vulnerability which affects YouTube's comment field.

Persistent XSS vulnerability affecting Twitter promptly corrected

Written by DP

Sunday, 27 June 2010

Indonesian security researcher who goes by the nickname "H4x0r-x0x" (http://www.0wn3d-5ys.co.cc/), has discovered and submitted to the XSS archive, a critical persistent cross-site scripting vulnerability (Script Insertion) on the popular microblogging platform Twitter.com...

National Security Agency (NSA) SSL web page XSSed

Written by DP

Wednesday, 23 June 2010

Security researcher "Zeitjak", has notified us that the NSA.gov website is vulnerable to a new critical cross-site scripting vulnerability...

Norton Update Center critical XSS vulnerability

Written by DP

Monday, 21 June 2010

According to security researcher "d3v1l" from Security-Shell, the Norton Update Center is vulnerable to cross-site scripting, redirects and html injections.

BP website again defaced via XSS to protest against oil spill

Written by DP

Friday, 18 June 2010

Independent security researchers PaPPy and Zeitjak have submitted to the archive a few XSS vulnerabilities affecting BP's official website and allowing for temporary anti-BP website defacements.

older news...

38444 total xss 12419 special xss 2224 fixed 5239 xss onhold 1733 EW subscribers