Advertisements

Google Chrome universal XSS vulnerability, now fixed

Written by DP

Monday, 4 May 2009

Roi Saltzman, a Security Researcher at IBM Rational Application Security Research Group, has been credited with the discovery  of this vulnerability - now fixed on Version 1.0.154.59 - which allows universal cross-site scripting (UXSS) without user interaction under certain conditions.  


read more...

Two critical XSS bugs on Barclays bank website

Written by DP

Sunday, 3 May 2009

Security researcher Pierre Gardenat has recently discovered two critical cross-site scripting bugs on Barclays.com.


read more...

XSS, Iframe injections and XMLHTTP post request errors on McAfee sites

Written by [-TE-]-Methodman and DP

Sunday, 3 May 2009

Methodman from Team-Elite has discovered a few vulnerabilities on several McAfee websites. Malicious users can exploit these bugs to infect customers and site visitors with malware, adware and spyware. They can also conduct phishing attacks by redirecting McAfee customers to fake McAfee sites.


read more...

Five Sun.com XSS flaws in the SSL user login page

Written by DP

Thursday, 23 April 2009

Xylitol reported five critical cross-site scripting vulnerabilities affecting Sun Microsystems website.


read more...

New critical XSS bug in Google's Orkut

Written by Pierre Gardenat and DP

Thursday, 23 April 2009

Security researcher Pierre Gardenat reported a new interesting vulnerability in Google's service Orkut. Malicious users can spread XSS worms on Orkut or steal authentication credentials from Google users who also use Orkut. *FIXED*


read more...

Critical XSS bugs found today on Symantec.com, now fixed

Written by DP

Wednesday, 15 April 2009

According to methodman, the search feature for Symantec Connect page was vulnerable to XSS. Malicious people could exploit these XSS vulnerabilities to infect millions of Symantec users and site visitors with malware, adware and spyware.


read more...

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 

 

45884 total xss
14724 special xss
3026 fixed
5328 xss onhold
2933 EW subscribers

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.