Dark Reading

Cross-Site Scripting: Attackers' New Favorite Flaw

For years buffer overflow has been the favorite target of online attackers, but no more: Cross-site scripting is now the biggest culprit That's the scoop from Mitre Corp., which later this week will ...
Dark Reading

'You've Got Cross-Site Scripting'

Full Disclosure, sla.ckers.org, and other hacker forums: These are not the places where you first want to learn about a cross-site scripting vulnerability on your Website. Nor do you want to find out ...
heise online

Web-Security: With Content Security Policy against Cross-Site Scripting, Part 2

Cross-site scripting (XSS) remains one of the most common security threats to web applications. Despite advanced protection mechanisms, attackers continue to find new ways to exploit XSS ...
CSOonline

Severe Azure HDInsight flaws highlight dangers of cross-site scripting

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...